Home

CVE-2021-25214

Description

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.671

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2021-25214,CVE-2021-25215 are affected in BIND 9.17.11Windows
Multiple Vulnerabilities are affected in BIND 9.10.5.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.5.s5Windows
Multiple Vulnerabilities are affected in BIND 9.11.6.s1Windows
Multiple Vulnerabilities are affected in BIND 9.10.7.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.12.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.21.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.27.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.29.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.3.s1Windows
Vulnerabilities CVE-2021-25214,CVE-2021-25215,CVE-2021-25216 are affected in BIND 9.11.30Windows
Multiple Vulnerabilities are affected in BIND 9.11.5.s3Windows
Multiple Vulnerabilities are affected in BIND 9.11.5.s6Windows
Multiple Vulnerabilities are affected in BIND 9.11.7.s1Windows
Multiple Vulnerabilities are affected in BIND 9.11.8.s1Windows
Multiple Vulnerabilities are affected in BIND 9.16.11.s1Windows
Multiple Vulnerabilities are affected in BIND 9.16.13.s1Windows
Vulnerabilities CVE-2021-25214,CVE-2021-25215,CVE-2021-25216 are affected in BIND 9.16.14Windows
Multiple Vulnerabilities are affected in BIND 9.16.8.s1Windows
Vulnerabilities CVE-2021-25214,CVE-2021-25215,CVE-2021-25216 are affected in BIND 9.17.11Windows
Vulnerabilities CVE-2021-25214 are affected in BIND 9.8.8Windows
Multiple Vulnerabilities are affected in BIND 9.9.12.s1Windows
Multiple Vulnerabilities are affected in BIND 9.9.13.s1Windows
Multiple Vulnerabilities are affected in BIND 9.9.3.s1Windows
bind9 security update(DSA-4909-1) bind9_9.11.5.P4+dfsg-5.1+deb10u5_i386.debLinux
bind9 security update(DSA-4909-1) bind9_9.11.5.P4+dfsg-5.1+deb10u5_amd64.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.1-0ubuntu2.8_i386.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.1-0ubuntu2.8_amd64.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.6-3ubuntu1.2_i386.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.6-3ubuntu1.2_amd64.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.8-1ubuntu3.1_i386.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.16.8-1ubuntu3.1_amd64.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.11.3+dfsg-1ubuntu1.15_i386.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.11.3+dfsg-1ubuntu1.15_amd64.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.10.3.dfsg.P4-8ubuntu1.19_i386.debLinux
Internet Domain Name Server (USN-4929-1) bind9_9.10.3.dfsg.P4-8ubuntu1.19_amd64.debLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-chrootenv-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-debugsource-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-doc-9.11.22-3.34.1.noarch.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-utils-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) bind-utils-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libbind9-161-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libbind9-161-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libdns1110-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libdns1110-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libirs161-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libirs161-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisc1107-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisc1107-32bit-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisc1107-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisc1107-debuginfo-32bit-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisccc161-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisccc161-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisccfg163-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) libisccfg163-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) liblwres161-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) liblwres161-debuginfo-9.11.22-3.34.1.x86_64.rpmLinux
SUSE-SU-2021:1468-1(SUSE Linux Enterprise Server 12-SP5 ) python-bind-9.11.22-3.34.1.noarch.rpmLinux
(RHSA-2021:3325) bind security update bind-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-export-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-export-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-export-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-libs-lite-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-license-9.11.4-26.P2.el7_9.7.noarch.rpmLinux
(RHSA-2021:3325) bind security update bind-lite-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-lite-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-sdb-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-sdb-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:3325) bind security update bind-utils-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind update (ELSA-2021-3325) bind-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-chroot update (ELSA-2021-3325) bind-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-devel update (ELSA-2021-3325) bind-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-devel update (ELSA-2021-3325) bind-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-export-devel update (ELSA-2021-3325) bind-export-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-export-devel update (ELSA-2021-3325) bind-export-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-export-libs update (ELSA-2021-3325) bind-export-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-export-libs update (ELSA-2021-3325) bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-libs update (ELSA-2021-3325) bind-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-libs update (ELSA-2021-3325) bind-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-libs-lite update (ELSA-2021-3325) bind-libs-lite-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-libs-lite update (ELSA-2021-3325) bind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-license update (ELSA-2021-3325) bind-license-9.11.4-26.P2.el7_9.7.noarch.rpmLinux
Bind-lite-devel update (ELSA-2021-3325) bind-lite-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-lite-devel update (ELSA-2021-3325) bind-lite-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-pkcs11 update (ELSA-2021-3325) bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-pkcs11-devel update (ELSA-2021-3325) bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-pkcs11-devel update (ELSA-2021-3325) bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-pkcs11-libs update (ELSA-2021-3325) bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.i686.rpmLinux
Bind-pkcs11-libs update (ELSA-2021-3325) bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-pkcs11-utils update (ELSA-2021-3325) bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-sdb update (ELSA-2021-3325) bind-sdb-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-sdb-chroot update (ELSA-2021-3325) bind-sdb-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
Bind-utils update (ELSA-2021-3325) bind-utils-9.11.4-26.P2.el7_9.7.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-chroot-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-debugsource-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-debugsource-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-devel-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-devel-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-export-devel-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-export-devel-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-lite-devel-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-lite-devel-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-devel-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-devel-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-libs-9.11.26-6.el8.i686.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-libs-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-pkcs11-utils-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-sdb-9.11.26-6.el8.x86_64.rpmLinux
(RHSA-2021:4384) bind security and bug fix update bind-sdb-chroot-9.11.26-6.el8.x86_64.rpmLinux
Reachable Assertion Vulnerability (CVE-2021-25214)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234