1. Home
  2. Security Alerts
  3. Security Alert (A21-10-22)

 

Security Alert (A21-10-22): Vulnerability in ISC BIND


 

Published on: 29 October 2021

  
  

Description:

ISC has released a security update to fix a vulnerability in BIND.  The details of the security update can be found at:

https://kb.isc.org/v1/docs/cve-2021-25219

 

Affected Systems:

  • BIND 9.3.0 to 9.11.35
  • BIND 9.12.0 to 9.16.21
  • BIND 9.17.0 to 9.17.18
  • BIND 9.9.3-S1 to 9.11.35-S1
  • BIND 9.16.8-S1 to 9.16.21-S1

 

Impact:

Successful exploitation of the vulnerability could lead to denial of service on an affected system.

 

Recommendation:

Internet Systems Consortium (ISC) has released the following patches to solve the problems:

  • BIND 9.11.36
  • BIND 9.16.22
  • BIND 9.17.19
  • BIND 9.11.36-S1
  • BIND 9.16.22-S1

The patches can be downloaded at the following URLs:

https://www.isc.org/download/

Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://kb.isc.org/v1/docs/cve-2021-25219
  • https://downloads.isc.org/isc/bind9/9.11.36/RELEASE-NOTES-bind-9.11.36.html
  • https://downloads.isc.org/isc/bind9/9.16.22/doc/arm/html/notes.html
  • https://downloads.isc.org/isc/bind9/9.17.19/doc/arm/html/notes.html
  • https://www.hkcert.org/security-bulletin/isc-bind-denial-of-service-vulnerability_20211029
  • https://us-cert.cisa.gov/ncas/current-activity/2021/10/28/isc-releases-security-advisory-bind
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219

Tag: BIND , ISC
Tags