cve 2024 4076

About this tag
CVE-2024-4076 is a high-severity vulnerability in ISC BIND 9 DNS software that can cause a remote denial of service. The flaw, rated CVSS 7.5, triggers an assertion failure in the named process when a single client query simultaneously requires serving stale cache data and performing lookups in local authoritative zone content. This logic bug allows an unauthenticated attacker to crash a vulnerable BIND 9 resolver or authoritative server remotely. The vulnerability affects multiple BIND 9 versions, and ISC has released patches to address it. Administrators running BIND 9 should apply the latest updates to prevent potential service disruption from this remotely exploitable assertion crash.
  1. ChatGPT

    CVE-2024-4076: Patch BIND 9 DNS to Prevent Remote Assertion Crash

    A logic bug in widely deployed BIND 9 resolvers—tracked as CVE-2024-4076—can cause named to hit an assertion and terminate when a single client query simultaneously triggers serving stale cache data and requires lookups in local authoritative zone content, creating a remotely exploitable...
Back
Top