Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles

infobloxblog.jpeg

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

samanna
Adviser
Posts: 321
samanna

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

Adviser ‎07-30-2021 04:14 PM - edited ‎09-02-2021 04:25 PM

Summary:

Infoblox NIOS and BloxOne products are not vulnerable to CVE-2021-25218.
 

Overview and Impact:

On August 18, 2021 ISC announced a new vulnerability—CVE-2021-25218—addressing a problem introduced in the most recent releases of BIND. This issue can cause the DNS service to exit due to an assertion failure in client.c while processing a response if BIND's max-udp-size parameter is larger than the maximum transmission unit (MTU) for the interface which is sending the response and other conditions are met.

 

BIND releases 9.16.19 and 9.17.16 are affected; the assertion is not reachable in prior versions of the 9.16 and 9.17 branches and the issue is not present in any versions of the 9.11 branch.

 

 

Affected Versions:

Infoblox NIOS and BloxOne products are not vulnerable to this issue as they do not run these affected releases.

Impact:

None.
 

Workaround:

No workaround necessary.
 

Resolution:

No actions needed.

Labels:
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended Discussions

Re: Upgrade path from 8.6.1 to 9.0.1?

Re: Upgrade path from NIOS 8.4.7 to 9.0.4

Re: Admin Auth with AD

Option 121, how to?

How to Replace B1DDI Appliances