公告ID: KYLIN-2020-8619
安全等级: 中等
产品: Kylin V3
发布日期: 2020年6月17日
CVE: CVE-2020-8619
CVSS3评分: 4.9
概述:
Based on upstream affected versions, this flaw only affects the versions of bind shipped with Red Hat Enterprise Linux 8. 描述:
Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable. 系统版本:
KYLIN 3.0.x
KYLIN 3.0.x
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
bind
bind97
bind
bind
bind