CVE-2021-25215

NameCVE-2021-25215
DescriptionIn BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9 ...
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-2647-1, DSA-4909-1, ELA-418-1
Debian Bugs987742

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bind9 (PTS)jessie, jessie (lts)1:9.9.5.dfsg-9+deb8u22fixed
stretch1:9.10.3.dfsg.P4-12.3+deb9u6vulnerable
stretch (security)1:9.10.3.dfsg.P4-12.3+deb9u9fixed
buster, buster (security)1:9.11.5.P4+dfsg-5.1+deb10u5fixed
bullseye, sid1:9.16.15-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bind9sourcejessie1:9.9.5.dfsg-9+deb8u22ELA-418-1
bind9sourcestretch1:9.10.3.dfsg.P4-12.3+deb9u9DLA-2647-1
bind9sourcebuster1:9.11.5.P4+dfsg-5.1+deb10u5DSA-4909-1
bind9source(unstable)1:9.16.15-1987742

Notes

https://kb.isc.org/docs/cve-2021-25215
https://gitlab.isc.org/isc-projects/bind9/commit/dde958717c9bfdc8679764c045c226e3a1468334 (v9_16_15)

Search for package or bug name: Reporting problems