The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions.
CISA encourages users and administrators to review the following ISC advisories and apply necessary updates or workarounds:
- CVE-2023-4236: named may terminate unexpectedly under high DNS-over-TLS query load
- CVE-2023-3341: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly