CVE-2021-25215 vulnerability in Canonical and Other Products
Published on April 29, 2021
An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
Vulnerability Analysis
CVE-2021-25215 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Products Associated with CVE-2021-25215
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-25215 are published in these products:
Affected Versions
ISC BIND9:- Version Open Source Branches 9.0 through 9.11 9.0.0 through versions before 9.11.30 is affected.
- Version Open Source Branches 9.12 through 9.16 9.12.0 through versions before 9.16.14 is affected.
- Version Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions before 9.11.30-S1 is affected.
- Version Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.14-S1 is affected.
- Version Development Branch 9.17 9.17.0 through versiosn before 9.17.12 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.