CVE-2023-2911

Summary

CVE-2023-2911 is a stack overflow vulnerability affecting various versions of BIND 9, including 9.16.33 through 9.18.15, and their corresponding security updates. This issue arises when the `recursive-clients` quota is exceeded on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`. A sequence of serve-stale-related lookups can cause the `named` process to loop and terminate unexpectedly, leading to potential denial-of-service (DoS) scenarios. To mitigate this risk, it is recommended to update to the latest, unaffected version of BIND 9 as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.