| Name | CVE-2023-5680 |
| Description | If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| bind9 (PTS) | jessie, jessie (lts) | 1:9.9.5.dfsg-9+deb8u30 | fixed |
| stretch (security) | 1:9.10.3.dfsg.P4-12.3+deb9u12 | fixed | |
| stretch (lts), stretch | 1:9.10.3.dfsg.P4-12.3+deb9u15 | fixed | |
| buster | 1:9.11.5.P4+dfsg-5.1+deb10u7 | fixed | |
| buster (security) | 1:9.11.5.P4+dfsg-5.1+deb10u10 | fixed | |
| bullseye | 1:9.16.44-1~deb11u1 | fixed | |
| bullseye (security) | 1:9.16.48-1 | fixed | |
| bookworm | 1:9.18.19-1~deb12u1 | fixed | |
| bookworm (security) | 1:9.18.24-1 | fixed | |
| sid, trixie | 1:9.19.21-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| bind9 | source | (unstable) | (not affected) |
- bind9 <not-affected> (Only impacts BIND Supported Preview Edition)