{"id":"CVE-2020-8622","details":"In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.","modified":"2026-04-16T04:39:05.102595469Z","published":"2020-08-21T21:15:12.247Z","related":["CGA-rf4x-r6wh-qhgr","SUSE-RU-2020:2915-1","SUSE-SU-2020:2914-1","SUSE-SU-2021:2876-1","openSUSE-SU-2020:1699-1","openSUSE-SU-2020:1701-1","openSUSE-SU-2024:10650-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/"},{"type":"ADVISORY","url":"https://kb.isc.org/docs/cve-2020-8622"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202008-19"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4468-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4468-2/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4752"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200827-0003/"},{"type":"ADVISORY","url":"https://www.synology.com/security/advisory/Synology_SA_20_19"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"last_affected":"4ce7edb5801e41d14b0da003d97f81b0d73424c9"},{"introduced":"71a40862c0be867999867cd99e21c2266a5e452b"},{"last_affected":"c00b4586ab21960bc2b13989f77ea8465e989187"},{"introduced":"04ca7cc4b6993f47ea61852c759d047c83be7b3f"},{"last_affected":"079e9baebe7d2b42610b9d7bdc0f8a5f78bbe2d5"},{"introduced":"0"},{"last_affected":"1c59cea1c0e26e2da3f2afb90200bfe9f7748c03"},{"introduced":"0"},{"last_affected":"19d6c56085e97cf4ac559cdc27edd624127bcb32"}],"database_specific":{"versions":[{"introduced":"9.0.0"},{"last_affected":"9.11.21"},{"introduced":"9.12.0"},{"last_affected":"9.16.5"},{"introduced":"9.17.0"},{"last_affected":"9.17.3"},{"introduced":"0"},{"last_affected":"9.9.3-s1"},{"introduced":"0"},{"last_affected":"9.0"}]}}],"versions":["v9.0.0","v9.10.0a1","v9.10.0a2","v9.10.0b1","v9.10.0b2","v9.10.0rc1","v9.11.0","v9.11.0a1","v9.11.0a2","v9.11.0a3","v9.11.0b1","v9.11.0b2","v9.11.0b3","v9.11.0rc1","v9.11.0rc2","v9.11.0rc3","v9.11.1","v9.11.11","v9.11.14","v9.11.16","v9.11.1b1","v9.11.1rc1","v9.11.1rc2","v9.11.1rc3","v9.11.21","v9.11.2b1","v9.11.2rc1","v9.11.3b1","v9.11.3rc1","v9.11.4","v9.11.4rc2","v9.11.6","v9.11.6rc1","v9.11.7","v9.11.9","v9.12.0a1","v9.12.0b1","v9.12.0b2","v9.12.0rc1","v9.13.0","v9.13.2","v9.13.3","v9.13.4","v9.13.5","v9.13.6","v9.15.0","v9.15.2","v9.15.3","v9.15.4","v9.15.7","v9.15.8","v9.16.0","v9.16.5","v9.17.3","v9.5.0a1","v9.5.0a2","v9.5.0a3","v9.5.0a4","v9.5.0a5","v9.5.0a6","v9.7.0a1","v9.9.0","v9.9.0rc3","v9.9.0rc4","v9.9.1","v9.9.2b1","v9.9.2rc1","v9.9.3b1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8622.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.11.21-s1"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]},{"events":[{"introduced":"0"},{"fixed":"2.2.2-5028"}]},{"events":[{"introduced":"8.0.0"},{"last_affected":"8.5.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}