In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | RedHat | bind-32:9.18.33-4.el10_0.2 | * |
| Red Hat Enterprise Linux 10 | RedHat | bind-32:9.18.33-10.el10_1.2 | * |
| Red Hat Enterprise Linux 8 | RedHat | bind9.16-32:9.16.23-0.22.el8_10.4 | * |
| Red Hat Enterprise Linux 9 | RedHat | bind9.18-32:9.18.29-4.el9_6.2 | * |
| Red Hat Enterprise Linux 9 | RedHat | bind-32:9.16.23-31.el9_6.2 | * |
| Red Hat Enterprise Linux 9 | RedHat | bind-32:9.16.23-34.el9_7.1 | * |
| Red Hat Enterprise Linux 9 | RedHat | bind9.18-32:9.18.29-5.el9_7.2 | * |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | bind-32:9.16.23-1.el9_0.11 | * |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | bind-32:9.16.23-11.el9_2.9 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | bind-32:9.16.23-18.el9_4.10 | * |
| Bind9 | Ubuntu | devel | * |
| Bind9 | Ubuntu | esm-infra/bionic | * |
| Bind9 | Ubuntu | esm-infra/focal | * |
| Bind9 | Ubuntu | jammy | * |
| Bind9 | Ubuntu | noble | * |
| Bind9 | Ubuntu | plucky | * |
| Bind9 | Ubuntu | questing | * |
| Bind9 | Ubuntu | upstream | * |