In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
References
Link | Resource |
---|---|
https://kb.isc.org/docs/cve-2020-8620 | Vendor Advisory |
https://security.netapp.com/advisory/ntap-20200827-0003/ | Third Party Advisory |
https://usn.ubuntu.com/4468-1/ | Third Party Advisory |
https://security.gentoo.org/glsa/202008-19 | Third Party Advisory |
https://www.synology.com/security/advisory/Synology_SA_20_19 | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Information
Published : 2020-08-21 14:15
Updated : 2022-06-02 13:34
NVD link : CVE-2020-8620
Mitre link : CVE-2020-8620
JSON object : View
CWE
CWE-617
Reachable Assertion
Products Affected
canonical
- ubuntu_linux
opensuse
- leap
netapp
- steelstore_cloud_integrated_storage
isc
- bind