CVE-2023-4408

Parsing large DNS messages may cause excessive CPU load

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.
This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

El código de análisis de mensajes DNS en "named" incluye una sección cuya complejidad computacional es demasiado alta. No causa problemas para el tráfico DNS típico, pero las consultas y respuestas manipuladas pueden causar una carga excesiva de la CPU en la instancia "nombrada" afectada al explotar esta falla. Este problema afecta tanto a los servidores autorizados como a los solucionadores recursivos. Este problema afecta a las versiones de BIND 9, 9.0.0 a 9.16.45, 9.18.0 a 9.18.21, 9.19.0 a 9.19.19, 9.9.3-S1 a 9.11.37-S1, 9.16.8-S1 a 9.16. 45-S1 y 9.18.11-S1 a 9.18.21-S1.

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service.

*Credits: ISC would like to thank Shoham Danino from Reichman University, Anat Bremler-Barr from Tel-Aviv University, Yehuda Afek from Tel-Aviv University, and Yuval Shavitt from Tel-Aviv University for bringing this vulnerability to our attention.

CVSS Scores

Internet Systems Consortium (ISC)v3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-08-18 CVE Reserved
2024-02-13 CVE Published
2024-04-27 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (9)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2024/02/13/1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R
https://security.netapp.com/advisory/ntap-20240426-0001

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://kb.isc.org/docs/cve-2023-4408	2024-04-26
https://access.redhat.com/security/cve/CVE-2023-4408	2024-06-10
https://bugzilla.redhat.com/show_bug.cgi?id=2263896	2024-06-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
ISC Search vendor "ISC"		BIND 9 Search vendor "ISC" for product "BIND 9"				>= 9.0.0 <= 9.16.45 Search vendor "ISC" for product "BIND 9" and version " >= 9.0.0 <= 9.16.45"		en		Affected
ISC Search vendor "ISC"		BIND 9 Search vendor "ISC" for product "BIND 9"				>= 9.18.0 <= 9.18.21 Search vendor "ISC" for product "BIND 9" and version " >= 9.18.0 <= 9.18.21"		en		Affected
ISC Search vendor "ISC"		BIND 9 Search vendor "ISC" for product "BIND 9"				>= 9.19.0 <= 9.19.19 Search vendor "ISC" for product "BIND 9" and version " >= 9.19.0 <= 9.19.19"		en		Affected