Vulnerabilities > CVE-2023-5517 - Reachable Assertion vulnerability in multiple products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2024-02-13

Updated: 2024-11-21

Summary

A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Vulnerable Configurations

Part	Description	Count
Application	Netapp Netapp Active IQ Unified Manager -	1
Application	Isc ISC Bind 9.16.8 ISC Bind 9.16.11 ISC Bind 9.16.13 ISC Bind 9.16.21 ISC Bind 9.16.32 ISC Bind 9.16.14 ISC Bind 9.16.36 ISC Bind 9.16.12 ISC Bind 9.16.43 ISC Bind 9.18.18 ISC Bind 9.18.11 ISC Bind 9.19.0 ISC Bind 9.19.1 ISC Bind 9.19.2 ISC Bind 9.19.3 ISC Bind 9.19.4 ISC Bind 9.19.5 ISC Bind 9.19.6 ISC Bind 9.19.8 ISC Bind 9.19.9 ISC Bind 9.19.16 ISC Bind 9.19.17 ISC Bind 9.18.0 ISC Bind 9.18.1 ISC Bind 9.18.2 ISC Bind 9.18.3 ISC Bind 9.18.4 ISC Bind 9.18.5 ISC Bind 9.18.6 ISC Bind 9.18.7 ISC Bind 9.18.8 ISC Bind 9.18.10 ISC Bind 9.18.19 ISC Bind 9.16.45 ISC Bind 9.18.21 ISC Bind 9.12.0 ISC Bind 9.16.0 ISC Bind 9.16.15 ISC Bind 9.16.19 ISC Bind 9.16.22 ISC Bind 9.16.37 ISC Bind 9.16.44	49
OS	Fedoraproject Fedoraproject Fedora 38 Fedoraproject Fedora 39	2

Common Weakness Enumeration (CWE)

CWE-617 - Reachable Assertion

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References