If a server hosts a zone containing a “KEY” Resource Record, or a resolver DNSSEC-validates a “KEY” Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This vulnerability affects the following upstream's bind9 versions: 9.0.0 -> 9.11.37 9.16.0 -> 9.16.50 9.18.0 -> 9.18.27 9.19.0 -> 9.19.24
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:5231 https://access.redhat.com/errata/RHSA-2024:5231
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5390 https://access.redhat.com/errata/RHSA-2024:5390
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2024:5418 https://access.redhat.com/errata/RHSA-2024:5418
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:5525 https://access.redhat.com/errata/RHSA-2024:5525
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5524 https://access.redhat.com/errata/RHSA-2024:5524
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2024:5655 https://access.redhat.com/errata/RHSA-2024:5655
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:5813 https://access.redhat.com/errata/RHSA-2024:5813
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:5838 https://access.redhat.com/errata/RHSA-2024:5838
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2024:5871 https://access.redhat.com/errata/RHSA-2024:5871
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Via RHSA-2024:5894 https://access.redhat.com/errata/RHSA-2024:5894
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:5907 https://access.redhat.com/errata/RHSA-2024:5907
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2024:5908 https://access.redhat.com/errata/RHSA-2024:5908
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:5930 https://access.redhat.com/errata/RHSA-2024:5930
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.16 Via RHSA-2024:6004 https://access.redhat.com/errata/RHSA-2024:6004
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:6009 https://access.redhat.com/errata/RHSA-2024:6009
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:6013 https://access.redhat.com/errata/RHSA-2024:6013
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:6406 https://access.redhat.com/errata/RHSA-2024:6406
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:6642 https://access.redhat.com/errata/RHSA-2024:6642