|Type||Denial of service|
DNAME records, described in RFC 6672, provide a way to redirect a subtree of the domain name tree in the DNS. A flaw in the way "named" processes these records may trigger an attempt to add the same RRset to the ANSWER section more than once. In BIND before version 9.16.14, when a vulnerable version of "named" receives a query for a record triggering the flaw described above, the "named" process will terminate due to a failed assertion check.
|29 Apr 2021||ASA-202104-10||AVG-1890||bind||High||multiple issues|