An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Cybersecurity & Infrastructure Security Agency
America’s Cyber Defense Agency
Search
America’s Cyber Defense Agency
Alert
Release Date
The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions.
CISA encourages users and administrators to review the following ISC advisories and apply necessary updates or workarounds:
- CVE-2023-4236: named may terminate unexpectedly under high DNS-over-TLS query load
- CVE-2023-3341: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.
Related Advisories
Alert
CISA Adds One Known Exploited Vulnerability to Catalog
Alert
CISA Releases Six Industrial Control Systems Advisories
Alert
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Alert
Atlassian Releases September Security Bulletin