{"id":"AZL-34351","summary":"CVE-2023-5679 affecting package bind for versions less than 9.16.48-1","details":"A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled.\nThis issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.","modified":"2026-04-01T05:11:26.137886Z","published":"2024-02-13T14:15:45Z","upstream":["CVE-2023-5679"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5679"}],"affected":[{"package":{"name":"bind","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/bind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.16.48-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34351.json"}}],"schema_version":"1.7.5"}