CVE-2023-3341

Published Sep 20, 2023

Last updated 9 months ago

CVSS high 7.5

Overview

Description: The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
Source: security-officer@isc.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "322EA0C2-84E3-4D3E-A9DE-F02A933D6B2A",
            "versionEndExcluding": "9.16.44",
            "versionStartIncluding": "9.2.0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A49C866-6171-4FF1-876F-9B31BF10296C",
            "versionEndExcluding": "9.18.19",
            "versionStartIncluding": "9.18.0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF9DB43A-47CA-496E-8EF9-2F0C34A6E8E5",
            "versionEndExcluding": "9.19.17",
            "versionStartIncluding": "9.19.0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40EE014B-0CD8-45F3-BEDB-AE6368A78B04"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAF8FA8C-0526-4389-AEC6-92AD62AA3929"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A9BA952-A5DF-4CBA-8928-0B373C013C32"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAD41122-C5D8-4256-8CB7-FF88DCD96A13"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6243685F-1E5B-4FF6-AE1B-44798032FBA6"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2FE13E1-0646-46FC-875B-CB4C34E20101"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39995ADF-74CC-4035-ADB2-010F676FCEC7"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.4:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37F4F055-5DE3-45FC-82DE-E17679E7B939"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AA16E51-819C-4A1B-B66E-1C60C1782C0D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91533F9F-C0E5-4E84-8A4C-F744F956BF97"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46E6A4BD-D69B-4A70-821D-5612DD1315EF"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF9D390-0D5B-4963-A2D3-BF1E7CD95E9D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB2B92F1-6BA8-41CA-9000-E0633462CC28"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02CA4635-7DFC-408E-A837-856E0F96CA1B"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CABCB08-B838-45F7-AA87-77C6B8767DD0"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC1F26C-4757-4C87-BD8B-2FA456A88C6F"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "582A4948-B64F-45D4-807A-846A85BB6B42"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F22E7F6A-0714-480D-ACDF-5027FD6697B2"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "255AEB06-F071-4433-93E5-9436086C1A6D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF14D712-5FCF-492F-BE3E-745109E9D6E5"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "288EAD80-574B-4839-9C2C-81D6D088A733"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3595F024-F910-4356-8B5B-D478960FF574"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.12:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B20F152-D0C3-4F07-83B3-5EA6B116F005"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94661BA2-27F8-4FFE-B844-9404F735579D"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.14:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53593603-E2AF-4925-A6E6-109F097A0FF2"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "751E37C2-8BFD-4306-95C1-8C01CE495FA4"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC432820-F1A2-4132-A673-2620119553C5"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.36:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F70347F2-6750-4497-B8F4-2036F4F4443A"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.16.43:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4B53B73-DB81-4AC1-A4E6-89BB305D6514"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.18.0:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22F7108A-73F1-4950-B2C8-AB56C1D4DAC5"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.18.18:s1:*:*:supported_preview:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0233AEF2-9911-48AE-AE97-F217E3337AAF"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References