{"id":"CVE-2018-5744","details":"A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -\u003e 9.10.8-P1, 9.11.3 -\u003e 9.11.5-P1, 9.12.0 -\u003e 9.12.3-P1, and versions 9.10.7-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected.","modified":"2026-04-10T04:10:58.339414Z","published":"2019-10-09T16:15:13.907Z","related":["CGA-qrh6-fc68-p33m"],"references":[{"type":"ADVISORY","url":"https://kb.isc.org/docs/cve-2018-5744"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"db65d701b999d10e555c13454bceb74df4494975"},{"fixed":"12f71327ff796ed24752a4286fc0b3d9b21a4a57"},{"introduced":"a37581543167cd471036b0d43e767c9ffb825625"},{"fixed":"3b0b2047cea8d9e61d0c1eabe2d3c958997e8be4"},{"introduced":"71a40862c0be867999867cd99e21c2266a5e452b"},{"fixed":"6c8e92c06d2d5b5904c925ca48564a93f1edba44"},{"introduced":"29b3a7d84240a51099490c0f39ae537f4e0d6a7a"},{"fixed":"acfbf1ae9438873ef2fccacd5b3692f1aab99939"},{"introduced":"0"},{"last_affected":"fe1302d54424009769409e46c0d50c0bcccd1d31"},{"introduced":"0"},{"last_affected":"12f71327ff796ed24752a4286fc0b3d9b21a4a57"},{"introduced":"0"},{"last_affected":"0279263e6d9ab64cb5920d123745e24553e4c8b2"},{"introduced":"0"},{"last_affected":"2b459063a1c7a247b877704217da93a24c71189d"},{"introduced":"0"},{"last_affected":"3b0b2047cea8d9e61d0c1eabe2d3c958997e8be4"},{"introduced":"0"},{"last_affected":"647dac6f96293b98d9d865d367feb74710cd9b46"},{"introduced":"0"},{"last_affected":"426dbf0bef23292103430aaa386182a22213c9ad"},{"introduced":"0"},{"last_affected":"6c8e92c06d2d5b5904c925ca48564a93f1edba44"},{"introduced":"0"},{"last_affected":"cfdd35f26ac4509cec614284ce036e487a552504"},{"introduced":"0"},{"last_affected":"08a6a2d8923caecdeadbdea136ceee9a88ba1eac"}],"database_specific":{"versions":[{"introduced":"9.10.7"},{"fixed":"9.10.8"},{"introduced":"9.11.3"},{"fixed":"9.11.5"},{"introduced":"9.12.0"},{"fixed":"9.12.3"},{"introduced":"9.13.0"},{"fixed":"9.13.6"},{"introduced":"0"},{"last_affected":"9.10.7-s1"},{"introduced":"0"},{"last_affected":"9.10.8-NA"},{"introduced":"0"},{"last_affected":"9.10.8-rc1"},{"introduced":"0"},{"last_affected":"9.10.8-rc2"},{"introduced":"0"},{"last_affected":"9.11.5-NA"},{"introduced":"0"},{"last_affected":"9.11.5-p1"},{"introduced":"0"},{"last_affected":"9.11.5-rc1"},{"introduced":"0"},{"last_affected":"9.12.3-NA"},{"introduced":"0"},{"last_affected":"9.12.3-p1"},{"introduced":"0"},{"last_affected":"9.12.3-rc1"}]}}],"versions":["v9.10.0a1","v9.10.0a2","v9.10.0b1","v9.10.0b2","v9.10.0rc1","v9.10.0rc2","v9.10.1","v9.10.1b1","v9.10.1b2","v9.10.1rc1","v9.10.1rc2","v9.10.2","v9.10.2b1","v9.10.2rc1","v9.10.2rc2","v9.10.3","v9.10.3b1","v9.10.3rc1","v9.10.4","v9.10.4b1","v9.10.4b2","v9.10.4b3","v9.10.4rc1","v9.10.5","v9.10.5b1","v9.10.5rc1","v9.10.5rc2","v9.10.5rc3","v9.10.6b1","v9.10.6rc1","v9.10.7b1","v9.10.7rc1","v9.10.8","v9.10.8rc1","v9.10.8rc2","v9.11.0","v9.11.0a1","v9.11.0a2","v9.11.0a3","v9.11.0b1","v9.11.0b2","v9.11.0b3","v9.11.0rc1","v9.11.0rc2","v9.11.0rc3","v9.11.1","v9.11.1b1","v9.11.1rc1","v9.11.1rc2","v9.11.1rc3","v9.11.2b1","v9.11.2rc1","v9.11.3b1","v9.11.3rc1","v9.11.4","v9.11.4rc2","v9.11.5","v9.11.5-P1","v9.11.5rc1","v9.12.0a1","v9.12.0b1","v9.12.0b2","v9.12.0rc1","v9.12.1b1","v9.12.1rc1","v9.12.2","v9.12.2rc2","v9.12.3","v9.12.3-P1","v9.12.3rc1","v9.13.0","v9.13.2","v9.13.3","v9.13.4","v9.13.5","v9.5.0a1","v9.5.0a2","v9.5.0a3","v9.5.0a4","v9.5.0a5","v9.5.0a6","v9.7.0a1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5744.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.10.8-p1"}]},{"events":[{"introduced":"0"},{"last_affected":"9.11.5-s3"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}