VDB
DEBIAN-CVE-2017-3135
DEBIAN-CVE-2017-3135
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
Risk Scores
CVSS v3.0
5.900000095367432
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | bind9 | 0, 0, 0 |
| Debian:13 | bind9 | 0, 0, 0 |
| Debian:12 | bind9 | 0, 0, 0 |
| Debian:14 | bind9 | 0, 0, 0 |
Timeline
- Jan 16, 2019 CVE Published
- Apr 28, 2026 CVE Updated