CVE-2011-4313

NameCVE-2011-4313
Descriptionquery.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2347-1
Debian Bugs649099

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bind9 (PTS)buster1:9.11.5.P4+dfsg-5.1+deb10u7fixed
buster (security)1:9.11.5.P4+dfsg-5.1+deb10u10fixed
bullseye1:9.16.44-1~deb11u1fixed
bullseye (security)1:9.16.48-1fixed
bookworm1:9.18.19-1~deb12u1fixed
bookworm (security)1:9.18.24-1fixed
sid, trixie1:9.19.21-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bind9sourcelenny1:9.6.ESV.R4+dfsg-0+lenny4DSA-2347-1
bind9sourcesqueeze1:9.7.3.dfsg-1~squeeze4DSA-2347-1
bind9source(unstable)1:9.8.1.dfsg.P1-1high649099

Search for package or bug name: Reporting problems