infobloxblog.jpeg

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

Summary:

Infoblox NIOS and BloxOne products are not vulnerable to CVE-2021-25218.
 

Overview and Impact:

On August 18, 2021 ISC announced a new vulnerability—CVE-2021-25218—addressing a problem introduced in the most recent releases of BIND. This issue can cause the DNS service to exit due to an assertion failure in client.c while processing a response if BIND's max-udp-size parameter is larger than the maximum transmission unit (MTU) for the interface which is sending the response and other conditions are met.

 

BIND releases 9.16.19 and 9.17.16 are affected; the assertion is not reachable in prior versions of the 9.16 and 9.17 branches and the issue is not present in any versions of the 9.11 branch.

 

 

Affected Versions:

Infoblox NIOS and BloxOne products are not vulnerable to this issue as they do not run these affected releases.

Impact:

None.
 

Workaround:

No workaround necessary.
 

Resolution:

No actions needed.

Showing results for 
Search instead for 
Did you mean: