BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query.
This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bind | Isc | 9.16.12 (including) | 9.16.37 (excluding) |
| Bind | Isc | 9.18.0 (including) | 9.18.11 (excluding) |
| Bind | Isc | 9.19.0 (including) | 9.19.9 (excluding) |
| Bind | Isc | 9.16.11-s1 (including) | 9.16.11-s1 (including) |
| Bind | Isc | 9.16.13-s1 (including) | 9.16.13-s1 (including) |
| Bind | Isc | 9.16.14-s1 (including) | 9.16.14-s1 (including) |
| Bind | Isc | 9.16.21-s1 (including) | 9.16.21-s1 (including) |
| Bind | Isc | 9.16.32-s1 (including) | 9.16.32-s1 (including) |
| Bind | Isc | 9.16.36-s1 (including) | 9.16.36-s1 (including) |
| Red Hat Enterprise Linux 8 | RedHat | bind9.16-32:9.16.23-0.14.el8 | * |
| Red Hat Enterprise Linux 9 | RedHat | bind-32:9.16.23-11.el9 | * |
| Bind9 | Ubuntu | devel | * |
| Bind9 | Ubuntu | jammy | * |
| Bind9 | Ubuntu | kinetic | * |
| Bind9 | Ubuntu | lunar | * |
| Bind9 | Ubuntu | trusty | * |
| Bind9 | Ubuntu | upstream | * |
| Bind9 | Ubuntu | xenial | * |