Vulnerability Details : CVE-2023-5679
A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled.
This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Products affected by CVE-2023-5679
- cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
- cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.14:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.36:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.12:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.43:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.18.18:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.18.11:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.45:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.18.21:s1:*:*:supported_preview:*:*:*
- cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-5679
0.61%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-5679
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Internet Systems Consortium (ISC) | 2024-02-13 |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
N/A
|
N/A
|
RedHat-CVE-2023-5679 | 2024-02-13 |
References for CVE-2023-5679
-
https://security.netapp.com/advisory/ntap-20240426-0002/
CVE-2023-5679 ISC BIND Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
[SECURITY] Fedora 38 Update: bind-dyndb-ldap-11.10-23.fc38 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
[SECURITY] Fedora 39 Update: bind-dyndb-ldap-11.10-24.fc39 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://kb.isc.org/docs/cve-2023-5679
CVE-2023-5679Vendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
[SECURITY] Fedora 38 Update: bind9-next-9.19.21-1.fc38 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
[SECURITY] Fedora 39 Update: bind9-next-9.19.21-1.fc39 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2024/02/13/1
oss-security - ISC has disclosed six vulnerabilities in BIND 9 (CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-6516, CVE-2023-50387, CVE-2023-50868)Mailing List;Third Party Advisory
Jump to