You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 4076
About this tag
CVE-2024-4076 is a high-severity vulnerability in ISC BIND 9 DNS software that can cause a remote denial of service. The flaw, rated CVSS 7.5, triggers an assertion failure in the named process when a single client query simultaneously requires serving stale cache data and performing lookups in local authoritative zone content. This logic bug allows an unauthenticated attacker to crash a vulnerable BIND 9 resolver or authoritative server remotely. The vulnerability affects multiple BIND 9 versions, and ISC has released patches to address it. Administrators running BIND 9 should apply the latest updates to prevent potential service disruption from this remotely exploitable assertion crash.
A logic bug in widely deployed BIND 9 resolvers—tracked as CVE-2024-4076—can cause named to hit an assertion and terminate when a single client query simultaneously triggers serving stale cache data and requires lookups in local authoritative zone content, creating a remotely exploitable...