CVE 2023-3341
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
Related bugs and status
CVE-2023-3341 (Candidate) is related to these bugs:
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 2015176 | Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1 | bind9 (Ubuntu) | Undecided | Fix Released | ||
| 2015176 | Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1 | BIND | Undecided | New | ||
| 2015176 | Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1 | bind9 (Ubuntu Kinetic) | Undecided | Won't Fix | ||
| 2015176 | Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1 | bind9 (Ubuntu Jammy) | Undecided | Fix Released | ||
| 2015176 | Ubuntu 22.04.2, nsupdate stopped recognizing HMAC-MD5 key after update from 1:9.18.1-1ubuntu1.3 to 1:9.18.12-0ubuntu0.22.04.1 | bind9 (Ubuntu Lunar) | Undecided | Fix Released | ||
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind9 (Ubuntu) | Undecided | Fix Released | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind9 (Ubuntu Focal) | Undecided | Triaged | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind9 (Ubuntu Jammy) | Undecided | Fix Released | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind9 (Ubuntu Lunar) | Undecided | Fix Released | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind-dyndb-ldap (Ubuntu) | Undecided | Fix Released | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind-dyndb-ldap (Ubuntu Focal) | Undecided | Triaged | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind-dyndb-ldap (Ubuntu Jammy) | Undecided | Fix Released | ||
| 2028413 | MRE updates of bind9 for focal, jammy and lunar | bind-dyndb-ldap (Ubuntu Lunar) | Undecided | Fix Released | ||
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind-dyndb-ldap (Ubuntu) | High | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind9 (Ubuntu) | High | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind-dyndb-ldap (Ubuntu Mantic) | High | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind9 (Ubuntu Mantic) | High | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind-dyndb-ldap (Ubuntu Lunar) | Undecided | Fix Committed | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind9 (Ubuntu Lunar) | Undecided | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind-dyndb-ldap (Ubuntu Jammy) | Undecided | Fix Released | ||
| 2032650 | Add DEP8 tests for bind-dyndb-ldap integration | bind9 (Ubuntu Jammy) | Undecided | Fix Released | ||
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 2037162 | [Debian] High CVE: CVE-2023-3341/CVE-2023-4236 bind9: multiple CVEs | StarlingX | High | Fix Released | ||
