CVE-2020-8616

Description

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: (1) the performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and (2) the attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

Risk Information

Base Score: 8.6 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 24.705

Associated Vulnerability

Vulnerability | OS Platform
Multiple Vulnerabilities are affected in BIND 9.17.1 | Windows
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-chrootenv-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-chrootenv-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-debugsource-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-debugsource-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-doc-9.11.2-3.17.1.noarch.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-doc-9.11.2-3.17.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-utils-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-utils-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) bind-utils-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) bind-utils-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libbind9-160-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libbind9-160-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libbind9-160-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libbind9-160-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libdns169-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libdns169-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libdns169-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libdns169-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libirs160-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libirs160-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libirs160-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libirs160-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisc166-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisc166-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisc166-32bit-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisc166-32bit-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisc166-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisc166-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisc166-debuginfo-32bit-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisc166-debuginfo-32bit-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisccc160-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisccc160-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisccc160-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisccc160-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisccfg160-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisccfg160-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) libisccfg160-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) libisccfg160-debuginfo-9.11.2-3.17.1.x86_64_SP5.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) liblwres160-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) liblwres160-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) liblwres160-debuginfo-9.11.2-3.17.1.x86_64.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) liblwres160-debuginfo-9.11.2-3.17.1.x86_64_SP4.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP5) python-bind-9.11.2-3.17.1.noarch.rpm | Linux
SUSE-SU-2020:1350-1 (SUSE Linux Enterprise Server 12-SP4) python-bind-9.11.2-3.17.1.noarch_SP4.rpm | Linux
bind9 security update (DSA-4689-1) bind9_9.10.3.dfsg.P4-12.3+deb9u6_i386.deb | Linux
bind9 security update (DSA-4689-1) bind9_9.10.3.dfsg.P4-12.3+deb9u6_amd64.deb | Linux
bind9 security update (DSA-4689-1) bind9_9.11.5.P4+dfsg-5.1+deb10u1_i386.deb | Linux
bind9 security update (DSA-4689-1) bind9_9.11.5.P4+dfsg-5.1+deb10u1_amd64.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.16.1-0ubuntu2.1_i386.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.16.1-0ubuntu2.1_amd64.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.11.3+dfsg-1ubuntu1.12_i386.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.11.3+dfsg-1ubuntu1.12_amd64.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.10.3.dfsg.P4-8ubuntu1.16_i386.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.10.3.dfsg.P4-8ubuntu1.16_amd64.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.11.5.P4+dfsg-5.1ubuntu2.2_i386.deb | Linux
Internet Domain Name Server (USN-4365-1) bind9_9.11.5.P4+dfsg-5.1ubuntu2.2_amd64.deb | Linux
(RHSA-2020:2344) bind security update bind-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm | Linux
(RHSA-2020:2344) bind security update bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2344) bind security update bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(RHSA-2020:2383) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(RHSA-2020:2383) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
Bind update (ELSA-2020-2338) bind-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-chroot update (ELSA-2020-2338) bind-chroot-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-devel update (ELSA-2020-2338) bind-devel-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-export-devel update (ELSA-2020-2338) bind-export-devel-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-export-libs update (ELSA-2020-2338) bind-export-libs-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-libs update (ELSA-2020-2338) bind-libs-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-libs-lite update (ELSA-2020-2338) bind-libs-lite-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-lite-devel update (ELSA-2020-2338) bind-lite-devel-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-pkcs11 update (ELSA-2020-2338) bind-pkcs11-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-pkcs11-devel update (ELSA-2020-2338) bind-pkcs11-devel-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-pkcs11-libs update (ELSA-2020-2338) bind-pkcs11-libs-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-pkcs11-utils update (ELSA-2020-2338) bind-pkcs11-utils-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-sdb update (ELSA-2020-2338) bind-sdb-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-sdb-chroot update (ELSA-2020-2338) bind-sdb-chroot-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-utils update (ELSA-2020-2338) bind-utils-9.11.13-5.el8_2.x86_64.rpm | Linux
Bind-license update (ELSA-2020-2338) bind-license-9.11.13-5.el8_2.noarch.rpm | Linux
Python3-bind update (ELSA-2020-2338) python3-bind-9.11.13-5.el8_2.noarch.rpm | Linux
Bind-devel update (ELSA-2020-2338) bind-devel-9.11.13-5.el8_2.i686.rpm | Linux
Bind-export-devel update (ELSA-2020-2338) bind-export-devel-9.11.13-5.el8_2.i686.rpm | Linux
Bind-export-libs update (ELSA-2020-2338) bind-export-libs-9.11.13-5.el8_2.i686.rpm | Linux
Bind-libs update (ELSA-2020-2338) bind-libs-9.11.13-5.el8_2.i686.rpm | Linux
Bind-libs-lite update (ELSA-2020-2338) bind-libs-lite-9.11.13-5.el8_2.i686.rpm | Linux
Bind-lite-devel update (ELSA-2020-2338) bind-lite-devel-9.11.13-5.el8_2.i686.rpm | Linux
Bind-pkcs11-devel update (ELSA-2020-2338) bind-pkcs11-devel-9.11.13-5.el8_2.i686.rpm | Linux
Bind-pkcs11-libs update (ELSA-2020-2338) bind-pkcs11-libs-9.11.13-5.el8_2.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm | Linux
(CESA-2020:2344) bind security update bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2344) bind security update bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
(CESA-2020:2383) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.7.i686.rpm | Linux
(CESA-2020:2383) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm | Linux
Bind-export-devel update (ELSA-2020-2344) bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm | Linux
Uncontrolled Resource Consumption Vulnerability (CVE-2020-8616) | NCM

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234