VDB

ALPINE-CVE-2024-4076

ALPINE-CVE-2024-4076 PUBLISHED CVSS 7.5 HIGH

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.20bind0, 9.10.4_p1-r1, 9.10.4_p2-r0
Alpine:v3.19bind9.16.20-r3, 9.12.0-r2, 9.18.4-r2
Alpine:v3.22bind9.16.6-r0, 9.16.7-r0, 9.16.8-r0
Alpine:v3.18bind9.9.4_p1-r1, 0, 9.10.0-r0
Alpine:v3.23bind9.10.0_p1-r0, 0, 9.9.5-r0
Alpine:v3.17bind9.16.22-r5, 0, 9.9.5-r0
Alpine:v3.24bind0
Alpine:v3.21bind0, 9.9.5-r0, 9.9.4

Timeline

  • Jul 23, 2024 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›