CVE-2019-6469
HIGHBIND 9.10.5-S1-9.11.6-S1 - Reachable Assertion via Malformed RRSIGs in EDNS Client Subnet Feature
Title source: llmDescription
An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://kb.isc.org/docs/cve-2019-6469
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K39751401?utm_source=f5support&%3Butm_medium=RSS
Scores
CVSS v3
7.5
EPSS
0.0106
EPSS Percentile
77.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-617
Status
published
Products (2)
isc/bind
9.10.5 s1
isc/bind
9.11.6 s1
Published
Oct 09, 2019
Tracked Since
Feb 18, 2026