CVE-2021-25218 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	In BIND before version 9.16.20, if "named" attempts to respond over UDP with a response that is larger than the current effective interface maximum transmission unit (MTU), and if response-rate limiting (RRL) is active, an assertion failure is triggered (resulting in termination of the "named" server process).

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2303	bind	9.16.19-1	9.16.20-1	Medium	Fixed

References
https://kb.isc.org/docs/cve-2021-25218 https://downloads.isc.org/isc/bind9/9.16.20/patches/CVE-2021-25218.patch https://github.com/isc-projects/bind9/commit/f9571bbc5fd7ca7067e80058758fc7b5be8b951a