Synology-SA-21:23 ISC BIND

Publish Time: 2021-08-20 10:43:23 UTC+8

Last Updated: 2021-08-20 10:43:23 UTC+8

Severity
Not affected
Status
Resolved

Abstract

None of Synology's products are affected by CVE-2021-25218 as this vulnerability only affect ISC BIND 9.16.19 and later.

Affected Products

Product Severity Fixed Release Availability
DNS Server Not affected N/A

Mitigation

None

Detail

  • CVE-2021-25218
    • Severity: Not affected
    • CVSS3 Base Score: 0.0
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    • In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.

Reference

Revision

Revision Date Description
1 2021-08-20 Initial public release.