{"id":"CVE-2016-9131","details":"named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.","modified":"2026-07-08T05:48:42.285599968Z","published":"2017-01-12T06:59:00.250Z","related":["CGA-vr7h-f33q-jgjr","SUSE-SU-2017:0111-1","SUSE-SU-2017:0112-1","SUSE-SU-2017:0113-1","openSUSE-SU-2024:10650-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"introduced":"8.0"},{"last_affected":"8.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"debian:debian_linux"},{"extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_desktop"},{"extracted_events":[{"introduced":"7.2"},{"last_affected":"7.2"},{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.4"},{"last_affected":"7.4"},{"introduced":"7.5"},{"last_affected":"7.5"},{"introduced":"7.6"},{"last_affected":"7.6"},{"introduced":"7.7"},{"last_affected":"7.7"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_eus"},{"extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_server"},{"extracted_events":[{"introduced":"7.2"},{"last_affected":"7.2"},{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.4"},{"last_affected":"7.4"},{"introduced":"7.6"},{"last_affected":"7.6"},{"introduced":"7.7"},{"last_affected":"7.7"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_server_aus"},{"extracted_events":[{"introduced":"7.2"},{"last_affected":"7.2"},{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.6"},{"last_affected":"7.6"},{"introduced":"7.7"},{"last_affected":"7.7"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_server_tus"},{"extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server_workstation:7.0:*:*:*:*:*:*:*"],"source":"CPE_STRING","vendor_product":"redhat:enterprise_linux_server_workstation"}]},"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0062.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3758"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95386"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037582"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201708-01"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180926-0005/"},{"type":"FIX","url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687"},{"type":"FIX","url":"https://kb.isc.org/article/AA-01439/74/CVE-2016-9131"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"last_affected":"2d6d4babba5b5d2237bd37c0e4c3c993b7efd255"},{"introduced":"63fbb3ea39094353765c04a6066b9e1d1013992a"},{"last_affected":"2799933bc6790356d4b3eebdfe21dc0f87977f14"},{"introduced":"b7843f9794be456c53d7dc0b51ead89f2c5d3351"},{"last_affected":"e0815f81205101e6fce3aa87dead307ea9624df3"}],"database_specific":{"extracted_events":[{"introduced":"9.0"},{"last_affected":"9.9.8"},{"introduced":"9.10.0"},{"last_affected":"9.10.3"},{"introduced":"9.9.9-NA"},{"last_affected":"9.9.9-NA"},{"introduced":"9.9.9-b1"},{"last_affected":"9.9.9-b1"},{"introduced":"9.9.9-p1"},{"last_affected":"9.9.9-p1"},{"introduced":"9.9.9-b2"},{"last_affected":"9.9.9-b2"},{"introduced":"9.9.9-p3"},{"last_affected":"9.9.9-p3"},{"introduced":"9.9.9-p4"},{"last_affected":"9.9.9-p4"},{"introduced":"9.10.4-b2"},{"last_affected":"9.10.4-b2"},{"introduced":"9.10.4-p2"},{"last_affected":"9.10.4-p2"},{"introduced":"9.10.4-b3"},{"last_affected":"9.10.4-b3"},{"introduced":"9.10.4-p3"},{"last_affected":"9.10.4-p3"},{"introduced":"9.10.4-p4"},{"last_affected":"9.10.4-p4"},{"introduced":"9.10.4-rc1"},{"last_affected":"9.10.4-rc1"},{"introduced":"9.11.0-a1"},{"last_affected":"9.11.0-a1"},{"introduced":"9.11.0-b1"},{"last_affected":"9.11.0-b1"},{"introduced":"9.11.0-p1"},{"last_affected":"9.11.0-p1"},{"introduced":"9.11.0-a2"},{"last_affected":"9.11.0-a2"},{"introduced":"9.11.0-b2"},{"last_affected":"9.11.0-b2"},{"introduced":"9.11.0-a3"},{"last_affected":"9.11.0-a3"},{"introduced":"9.11.0-b3"},{"last_affected":"9.11.0-b3"},{"introduced":"9.11.0-rc1"},{"last_affected":"9.11.0-rc1"}],"source":["CPE_RANGE","CPE_STRING"],"cpe":["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:b1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:b3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:rc1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:rc1:*:*:*:*:*:*"]}}],"versions":["9.10.4-b2","9.10.4-b3","9.10.4-p4","9.10.4-rc1","9.11.0-a1","9.11.0-a2","9.11.0-a3","9.11.0-rc1","9.9.9-NA","9.9.9-b1","9.9.9-b2","9.9.9-p3","9.9.9-p4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9131.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"last_affected":"2d6d4babba5b5d2237bd37c0e4c3c993b7efd255"},{"introduced":"63fbb3ea39094353765c04a6066b9e1d1013992a"},{"last_affected":"2799933bc6790356d4b3eebdfe21dc0f87977f14"},{"introduced":"b7843f9794be456c53d7dc0b51ead89f2c5d3351"},{"last_affected":"e0815f81205101e6fce3aa87dead307ea9624df3"}],"database_specific":{"extracted_events":[{"introduced":"9.0"},{"last_affected":"9.9.8"},{"introduced":"9.10.0"},{"last_affected":"9.10.3"},{"introduced":"9.9.9-NA"},{"last_affected":"9.9.9-NA"},{"introduced":"9.9.9-b1"},{"last_affected":"9.9.9-b1"},{"introduced":"9.9.9-p1"},{"last_affected":"9.9.9-p1"},{"introduced":"9.9.9-b2"},{"last_affected":"9.9.9-b2"},{"introduced":"9.9.9-p3"},{"last_affected":"9.9.9-p3"},{"introduced":"9.9.9-p4"},{"last_affected":"9.9.9-p4"},{"introduced":"9.10.4-b2"},{"last_affected":"9.10.4-b2"},{"introduced":"9.10.4-p2"},{"last_affected":"9.10.4-p2"},{"introduced":"9.10.4-b3"},{"last_affected":"9.10.4-b3"},{"introduced":"9.10.4-p3"},{"last_affected":"9.10.4-p3"},{"introduced":"9.10.4-p4"},{"last_affected":"9.10.4-p4"},{"introduced":"9.10.4-rc1"},{"last_affected":"9.10.4-rc1"},{"introduced":"9.11.0-a1"},{"last_affected":"9.11.0-a1"},{"introduced":"9.11.0-b1"},{"last_affected":"9.11.0-b1"},{"introduced":"9.11.0-p1"},{"last_affected":"9.11.0-p1"},{"introduced":"9.11.0-a2"},{"last_affected":"9.11.0-a2"},{"introduced":"9.11.0-b2"},{"last_affected":"9.11.0-b2"},{"introduced":"9.11.0-a3"},{"last_affected":"9.11.0-a3"},{"introduced":"9.11.0-b3"},{"last_affected":"9.11.0-b3"},{"introduced":"9.11.0-rc1"},{"last_affected":"9.11.0-rc1"}],"source":["CPE_RANGE","CPE_STRING"],"cpe":["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:-:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:b1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:b3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:rc1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:a3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:b3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:rc1:*:*:*:*:*:*"]}}],"versions":["9.10.4-b2","9.10.4-b3","9.10.4-p4","9.10.4-rc1","9.11.0-a1","9.11.0-a2","9.11.0-a3","9.11.0-rc1","9.9.9-NA","9.9.9-b1","9.9.9-b2","9.9.9-p3","9.9.9-p4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9131.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}