Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Trending KB Articles

infobloxblog.jpeg

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

samanna
Adviser
Posts: 321
samanna

Infoblox NIOS and BloxOne are not vulnerable to CVE-2021-25218

Adviser ‎07-30-2021 04:14 PM - edited ‎09-02-2021 04:25 PM

Summary:

Infoblox NIOS and BloxOne products are not vulnerable to CVE-2021-25218.
 

Overview and Impact:

On August 18, 2021 ISC announced a new vulnerability—CVE-2021-25218—addressing a problem introduced in the most recent releases of BIND. This issue can cause the DNS service to exit due to an assertion failure in client.c while processing a response if BIND's max-udp-size parameter is larger than the maximum transmission unit (MTU) for the interface which is sending the response and other conditions are met.

 

BIND releases 9.16.19 and 9.17.16 are affected; the assertion is not reachable in prior versions of the 9.16 and 9.17 branches and the issue is not present in any versions of the 9.11 branch.

 

 

Affected Versions:

Infoblox NIOS and BloxOne products are not vulnerable to this issue as they do not run these affected releases.

Impact:

None.
 

Workaround:

No workaround necessary.
 

Resolution:

No actions needed.

Labels:
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended Discussions

Re: NetMRI 7.6.0 has no in-place upgrade?

Re: Trinzik 1415 EoL question

Re: When do I need Match Clients for DNS Views

Re: Trinzik 1415 EoL question

Re: New ISC bind security issues for Bind 9, NIOS affected?