VDB
ALPINE-CVE-2024-4076
ALPINE-CVE-2024-4076
PUBLISHED
CVSS 7.5 HIGH
Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.20 | bind | 0, 9.10.4_p1-r1, 9.10.4_p2-r0 |
| Alpine:v3.19 | bind | 9.16.20-r3, 9.12.0-r2, 9.18.4-r2 |
| Alpine:v3.22 | bind | 9.16.6-r0, 9.16.7-r0, 9.16.8-r0 |
| Alpine:v3.18 | bind | 9.9.4_p1-r1, 0, 9.10.0-r0 |
| Alpine:v3.23 | bind | 9.10.0_p1-r0, 0, 9.9.5-r0 |
| Alpine:v3.17 | bind | 9.16.22-r5, 0, 9.9.5-r0 |
| Alpine:v3.24 | bind | 0 |
| Alpine:v3.21 | bind | 0, 9.9.5-r0, 9.9.4 |
Timeline
- Jul 23, 2024 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 15, 2026 CVE Updated