Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Published

2024-02-13T14:15:45.677

Last Modified

2025-03-29T00:15:16.493

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-617

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	netapp	active_iq_unified_manager	-	Yes
Operating System	fedoraproject	fedora	38	Yes
Operating System	fedoraproject	fedora	39	Yes
Application	isc	bind	≤ 9.16.45	Yes
Application	isc	bind	≤ 9.18.21	Yes
Application	isc	bind	≤ 9.19.19	Yes
Application	isc	bind	9.16.12	Yes
Application	isc	bind	9.16.13	Yes
Application	isc	bind	9.16.14	Yes
Application	isc	bind	9.16.21	Yes
Application	isc	bind	9.16.32	Yes
Application	isc	bind	9.16.36	Yes
Application	isc	bind	9.16.43	Yes
Application	isc	bind	9.16.45	Yes
Application	isc	bind	9.18.11	Yes
Application	isc	bind	9.18.18	Yes
Application	isc	bind	9.18.21	Yes

References

http://www.openwall.com/lists/oss-security/2024/02/13/1 Mailing List, Third Party Advisory ([email protected])
https://kb.isc.org/docs/cve-2023-5679 Vendor Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/ Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/ Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/ Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/ Mailing List, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20240426-0002/ Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2024/02/13/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://kb.isc.org/docs/cve-2023-5679 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240426-0002/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)