CVE-2020-8618 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	An assertion check in BIND before 9.16.4 (that is meant to prevent going beyond the end of a buffer when processing incoming data) can be incorrectly triggered by a large response during zone transfer. An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1191	bind	9.16.3-1	9.16.4-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
28 Jun 2020	ASA-202006-13	AVG-1191	bind	Medium	denial of service

References
https://kb.isc.org/docs/cve-2020-8618 https://gitlab.isc.org/isc-projects/bind9/-/issues/1850