USN-2837-1 bind9 vulnerability

Severity

Medium

Vendor

bind9

Versions Affected

Ubuntu 14.04

Description

It was discovered that Bind incorrectly handled responses with malformed class attributes. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service.

The Cloud Foundry project released a new Cloud Foundry rootfs, cflinuxfs2 v.1.23.0, that has the patches.

Affected Products and Versions

Severity is medium unless otherwise noted.

All versions of Cloud Foundry cflinuxfs2 prior to v.1.23.0.

Mitigation

Users of affected versions should apply the following mitigation:

The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.23.0 or later versions.

Credit

N/A

References

http://www.ubuntu.com/usn/usn-2837-1
https://bosh.io/stemcells
https://github.com/cloudfoundry/cf-release

USN-2837-1 bind9 vulnerability

Severity

Vendor

Versions Affected

Description

Affected Products and Versions

Mitigation

Credit

References

You Might Also Like

CVE-2016-2165 Loggregator Request URL Paths

USN-3631-2: Linux kernel (Xenial HWE) vulnerabilities

USN-5005-1: DjVuLibre vulnerability

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!