{"id":"CVE-2020-8623","details":"In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker","modified":"2026-04-11T12:35:11.067650Z","published":"2020-08-21T21:15:12.327Z","related":["CGA-g34j-c49p-9q2q","SUSE-RU-2020:2915-1","SUSE-SU-2020:2914-1","openSUSE-SU-2020:1699-1","openSUSE-SU-2020:1701-1","openSUSE-SU-2024:10650-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"9.11.21-s1"}]},{"cpe":"cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"fixed":"2.2.2-5027"}]},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"16.04"}]},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"18.04"}]},{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"20.04"}]},{"cpe":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"10.0"}]},{"cpe":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"31"}]},{"cpe":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"32"}]},{"cpe":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"15.1"}]},{"cpe":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"15.2"}]}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"},{"type":"ADVISORY","url":"https://kb.isc.org/docs/cve-2020-8623"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202008-19"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200827-0003/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4468-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4752"},{"type":"ADVISORY","url":"https://www.synology.com/security/advisory/Synology_SA_20_19"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"63fbb3ea39094353765c04a6066b9e1d1013992a"},{"last_affected":"4ce7edb5801e41d14b0da003d97f81b0d73424c9"},{"introduced":"b2307b25465c16d37ff6de22438a2d214287417c"},{"last_affected":"c00b4586ab21960bc2b13989f77ea8465e989187"},{"introduced":"04ca7cc4b6993f47ea61852c759d047c83be7b3f"},{"last_affected":"079e9baebe7d2b42610b9d7bdc0f8a5f78bbe2d5"},{"introduced":"0"},{"last_affected":"341e64a2de908ceec50ed46d243bf3402342735c"},{"last_affected":"19d6c56085e97cf4ac559cdc27edd624127bcb32"}],"database_specific":{"cpe":["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"],"source":"CPE_FIELD","extracted_events":[{"introduced":"9.10.0"},{"last_affected":"9.11.21"},{"introduced":"9.12.1"},{"last_affected":"9.16.5"},{"introduced":"9.17.0"},{"last_affected":"9.17.3"},{"introduced":"0"},{"last_affected":"9.10.5-s1"},{"last_affected":"9.0"}]}}],"versions":["v9.0.0","v9.10.0a1","v9.10.0a2","v9.10.0b1","v9.10.0b2","v9.10.0rc1","v9.10.0rc2","v9.10.1","v9.10.1b1","v9.10.1b2","v9.10.1rc1","v9.10.1rc2","v9.10.2","v9.10.2b1","v9.10.2rc1","v9.10.2rc2","v9.10.3","v9.10.3b1","v9.10.3rc1","v9.10.4","v9.10.4b1","v9.10.4b2","v9.10.4b3","v9.10.4rc1","v9.10.5b1","v9.11.0","v9.11.0a1","v9.11.0a2","v9.11.0a3","v9.11.0b1","v9.11.0b2","v9.11.0b3","v9.11.0rc1","v9.11.0rc2","v9.11.0rc3","v9.11.1","v9.11.11","v9.11.14","v9.11.16","v9.11.1b1","v9.11.1rc1","v9.11.1rc2","v9.11.1rc3","v9.11.21","v9.11.2b1","v9.11.2rc1","v9.11.3b1","v9.11.3rc1","v9.11.4","v9.11.4rc2","v9.11.6","v9.11.6rc1","v9.11.7","v9.11.9","v9.12.0a1","v9.12.0b1","v9.12.0b2","v9.12.0rc1","v9.13.0","v9.13.2","v9.13.3","v9.13.4","v9.13.5","v9.13.6","v9.15.0","v9.15.2","v9.15.3","v9.15.4","v9.15.7","v9.15.8","v9.16.0","v9.16.5","v9.17.3","v9.5.0a1","v9.5.0a2","v9.5.0a3","v9.5.0a4","v9.5.0a5","v9.5.0a6","v9.7.0a1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8623.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}