A failure to free memory can occur when processing messages having a specific combination of EDNS options has been found in bind prior to 9.13.7. By exploiting this condition, an attacker can potentially cause named's memory use to grow without bounds until all memory available to the process is exhausted. Typically a server process is limited as to the amount of memory it can use but if the named process is not limited by the operating system all free memory on the server could be exhausted.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 9.10.8 |
||
isc bind |
||
isc bind 9.12.3 |
||
isc bind 9.11.5 |
||
isc bind 9.10.7 |