VDB
ALPINE-CVE-2021-25219
ALPINE-CVE-2021-25219
PUBLISHED
CVSS 5.300000190734863 MEDIUM
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.12 | bind | 9.9.3, *, 0 |
| Alpine:v3.19 | bind | *, 9.16.15-r2, 9.14.4-r1 |
| Alpine:v3.20 | bind | 9.10.1_p2-r0, 9.9.5-r0, 9.9.4 |
| Alpine:v3.13 | bind | 9.11.1, 9.11.1, 9.11.2-r0 |
| Alpine:v3.15 | bind | 9.14.8-r5, 9.12.0-r3, 9.12.1 |
| Alpine:v3.18 | bind | 9.10.1, 9.10.1, 9.10.2-r0 |
| Alpine:v3.14 | bind | 9.10.2-r1, 0, 9.10.0-r0 |
| Alpine:v3.21 | bind | 9.7.2_p3-r0, 9.14.7-r5, 9.8.0_p1-r0 |
| Alpine:v3.22 | bind | 9.9.5-r0, 9.7.2_p1-r0, 9.7.2-r0 |
| Alpine:v3.17 | bind | 9.16.15-r2, 9.8.0_p4-r0, 9.8.0_p2-r0 |
| Alpine:v3.23 | bind | 9.14.8-r6, 9.16.11-r0, 9.16.11-r1 |
| Alpine:v3.16 | bind | 9.16.11-r1, 9.16.15-r2, 9.16.16-r2 |
Timeline
- Oct 27, 2021 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch