THE GAME HAS CHANGED

Introducing Infoblox Universal DDI ManagementTM

Watch the launch to discover the new era of management for critical network services. Watch Now

Trending KB Articles

infobloxblog.jpeg

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

samanna
Adviser
Posts: 321
samanna

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

Adviser ‎07-30-2021 04:14 PM - edited ‎09-02-2021 04:25 PM

Summary:

Infoblox NIOS and BloxOne products are not vulnerable to CVE-2021-25218.
 

Overview and Impact:

On August 18, 2021 ISC announced a new vulnerability—CVE-2021-25218—addressing a problem introduced in the most recent releases of BIND. This issue can cause the DNS service to exit due to an assertion failure in client.c while processing a response if BIND's max-udp-size parameter is larger than the maximum transmission unit (MTU) for the interface which is sending the response and other conditions are met.

 

BIND releases 9.16.19 and 9.17.16 are affected; the assertion is not reachable in prior versions of the 9.16 and 9.17 branches and the issue is not present in any versions of the 9.11 branch.

 

 

Affected Versions:

Infoblox NIOS and BloxOne products are not vulnerable to this issue as they do not run these affected releases.

Impact:

None.
 

Workaround:

No workaround necessary.
 

Resolution:

No actions needed.

Labels:
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended Discussions

Re: NIOS DDI DHCP migration

Re: Option 121, how to?

Re: RegreSSHion vulnerability (CVE-2024-6387)

Re: Is NIOS affected by these four new ISC BIND CVEs?

Is NIOS affected by these four new ISC BIND CVEs?