Ubuntu Security Notice 5126-2 - USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Various other issues were also addressed.
84bfe5f035a07b28c524d5511207a27c943a510340e420ed5c2d0481add22b33
=========================================================================
Ubuntu Security Notice USN-5126-2
October 28, 2021
bind9 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Bind could be made to consume resources if it received specially crafted
network traffic.
Software Description:
- bind9: Internet Domain Name Server
Details:
USN-5126-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame
cache when processing responses. A remote attacker could possibly use this
issue to cause Bind to consume resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
bind9 1:9.10.3.dfsg.P4-8ubuntu1.19+esm1
Ubuntu 14.04 ESM:
bind9 1:9.9.5.dfsg-3ubuntu0.19+esm5
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5126-2
https://ubuntu.com/security/notices/USN-5126-1
CVE-2021-25219