20 Sep 2023
Biztonsági szemle
CVE-2023-3341: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
CVE: CVE-2023-3341 Document version: 2.0 Posting date: 20 September 2023 Program impacted: BIND 9 Versions affected: BIND 9.2.0 -> 9.16.43 9.18.0 -> 9.18.18 9.19.0 -> 9.19.16 (Versions prior to 9.11.37 were not assessed.) BIND Supported Preview Edition 9.9.3-S1 -> 9.16.43-S1 9.18.0-S1 -> 9.18.18-S1 (Versions prior to 9.11.37-S1 were not assessed.) Severity: High Exploitable: Remotely Description: The code that processes control channel messages sent to named calls certain functions recursive ...
Read more