CVE-2024-0760

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-0760

CGA ID

CGA-23v9-jg3v-356f

Severity

Unknown

Description

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

References

https://images.chainguard.dev/security/CGA-23v9-jg3v-356f
https://github.com/advisories/GHSA-v3r3-642v-rqj8
http://www.openwall.com/lists/oss-security/2024/07/23/1
http://www.openwall.com/lists/oss-security/2024/07/31/2
https://kb.isc.org/docs/cve-2024-0760
https://security.alpinelinux.org/vuln/CVE-2024-0760
https://security-tracker.debian.org/tracker/CVE-2024-0760

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2024-0760

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources