Original Issue Date :August 27, 2021
Severity Rating: HIGH
Software Affected
ISC Bind versions9.16.19, 9.17.16
ISC Bind versions 9.16.19-S1
Overview
A vulnerability have been reported in ISC BIND which could allow a remote attacker to cause denial of service conditions on the targeted system.
Description
This vulnerability exist in ISC BIND due to a strict assertion check when named attempts to respond over UDP with a response that is larger than the current effective interface maximum transmission unit (MTU). A remote attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process.
Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service conditions on the targeted system.
Solution
Update to the latest versions as available at the following URL:
Update to the latest versions as available at the following URL:
Vendor Information
ISC
https://kb.isc.org/docs/cve-2021-25218
References
https://security-tracker.debian.org/tracker/CVE-2021-25218
CVE Name
CVE-2021-25218
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.