CVE-2024-11187
bind9 - security update
Description
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.
How to fix CVE-2024-11187
To remediate CVE-2024-11187, upgrade the affected bind9 package to one of the fixed versions listed below.
- —upgrade to 9.18.33-r0 or later
- —upgrade to 1:9.16.50-1~deb11u3 or later
- —upgrade to 1:9.16.50-1~deb11u3 or later
- —upgrade to 1:9.18.33-1~deb12u2 or later
Is CVE-2024-11187 being exploited?
Low — EPSS is 4.2%, meaning exploitation activity has not been observed at scale.
Affected packages (4)
- from 0, < 9.18.33-r0
- from 0, < 1:9.16.50-1~deb11u3
- from 0, < 1:9.16.50-1~deb11u3
- from 0, < 1:9.18.33-1~deb12u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (7.5) | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |