{"id":"CVE-2021-25215","details":"In BIND 9.0.0 -\u003e 9.11.29, 9.12.0 -\u003e 9.16.13, and versions BIND 9.9.3-S1 -\u003e 9.11.29-S1 and 9.16.8-S1 -\u003e 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -\u003e 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.","modified":"2026-07-08T05:58:56.851568620Z","published":"2021-04-29T01:15:08.013Z","related":["CGA-h5gp-rxc4-qpr7","SUSE-SU-2021:1468-1","SUSE-SU-2021:1469-1","SUSE-SU-2021:1471-1","SUSE-SU-2021:14714-1","SUSE-SU-2021:1826-1","openSUSE-SU-2021:0668-1","openSUSE-SU-2021:1826-1","openSUSE-SU-2024:10650-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"introduced":"7.4.0"},{"last_affected":"7.7.1"}],"vendor_product":"oracle:tekelec_platform_distribution","source":"CPE_RANGE","cpes":["cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*"]},{"extracted_events":[{"fixed":"1.0.1.1"}],"vendor_product":"siemens:sinec_infrastructure_network_services","source":"CPE_RANGE","cpes":["cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*"]},{"extracted_events":[{"introduced":"9.0"},{"last_affected":"9.0"},{"introduced":"10.0"},{"last_affected":"10.0"}],"vendor_product":"debian:debian_linux","source":"CPE_STRING","cpes":["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]},{"extracted_events":[{"introduced":"33"},{"last_affected":"33"},{"introduced":"34"},{"last_affected":"34"}],"vendor_product":"fedoraproject:fedora","source":"CPE_STRING","cpes":["cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]},{"vendor_product":"isc:bind","extracted_events":[{"introduced":"9.9.13-s1"},{"last_affected":"9.9.13-s1"},{"introduced":"9.9.13-s1"},{"last_affected":"9.9.13-s1"},{"introduced":"9.11.5-s3"},{"last_affected":"9.11.5-s3"},{"introduced":"9.11.5-s3"},{"last_affected":"9.11.5-s3"},{"introduced":"9.11.5-s5"},{"last_affected":"9.11.5-s5"},{"introduced":"9.11.5-s5"},{"last_affected":"9.11.5-s5"},{"introduced":"9.11.5-s6"},{"last_affected":"9.11.5-s6"},{"introduced":"9.11.5-s6"},{"last_affected":"9.11.5-s6"},{"introduced":"9.11.7-s1"},{"last_affected":"9.11.7-s1"},{"introduced":"9.11.7-s1"},{"last_affected":"9.11.7-s1"},{"introduced":"9.11.8-s1"},{"last_affected":"9.11.8-s1"},{"introduced":"9.11.8-s1"},{"last_affected":"9.11.8-s1"},{"introduced":"9.11.12-s1"},{"last_affected":"9.11.12-s1"},{"introduced":"9.11.12-s1"},{"last_affected":"9.11.12-s1"},{"introduced":"9.11.21-s1"},{"last_affected":"9.11.21-s1"},{"introduced":"9.11.21-s1"},{"last_affected":"9.11.21-s1"},{"introduced":"9.11.27-s1"},{"last_affected":"9.11.27-s1"},{"introduced":"9.11.27-s1"},{"last_affected":"9.11.27-s1"},{"introduced":"9.11.29-s1"},{"last_affected":"9.11.29-s1"},{"introduced":"9.11.29-s1"},{"last_affected":"9.11.29-s1"},{"introduced":"9.16.8-s1"},{"last_affected":"9.16.8-s1"},{"introduced":"9.16.8-s1"},{"last_affected":"9.16.8-s1"},{"introduced":"9.16.11-s1"},{"last_affected":"9.16.11-s1"},{"introduced":"9.16.11-s1"},{"last_affected":"9.16.11-s1"},{"introduced":"9.16.13-s1"},{"last_affected":"9.16.13-s1"},{"introduced":"9.16.13-s1"},{"last_affected":"9.16.13-s1"}],"source":"CPE_STRING","cpes":["cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*"]}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/04/29/1"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/04/29/2"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/04/29/3"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/04/29/4"},{"type":"ADVISORY","url":"https://kb.isc.org/v1/docs/cve-2021-25215"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210521-0006/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-4909"},{"type":"FIX","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"fixed":"ac3f4eb88b9f1581d141458b99635bf2cb9db1ba"},{"introduced":"71a40862c0be867999867cd99e21c2266a5e452b"},{"fixed":"4469e3e6269d03d06286fd451490a1650bd9609e"},{"introduced":"04ca7cc4b6993f47ea61852c759d047c83be7b3f"},{"fixed":"50d43fc5905e4bc07acffbb5044ab8e40a1e461e"},{"introduced":"1c59cea1c0e26e2da3f2afb90200bfe9f7748c03"},{"last_affected":"eba38b89007f65bc6c1fdd2451034bbe3908b9a4"}],"database_specific":{"extracted_events":[{"introduced":"9.0.0"},{"fixed":"9.11.31"},{"introduced":"9.12.0"},{"fixed":"9.16.15"},{"introduced":"9.17.0"},{"fixed":"9.17.12"},{"introduced":"9.9.3-s1"},{"last_affected":"9.9.3-s1"},{"introduced":"9.9.12-s1"},{"last_affected":"9.9.12-s1"},{"introduced":"9.10.5-s1"},{"last_affected":"9.10.5-s1"},{"introduced":"9.10.7-s1"},{"last_affected":"9.10.7-s1"},{"introduced":"9.11.3-s1"},{"last_affected":"9.11.3-s1"},{"introduced":"9.11.6-s1"},{"last_affected":"9.11.6-s1"}],"cpe":["cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*"],"source":["CPE_RANGE","CPE_STRING"]}}],"versions":["9.10.5-s1","9.10.7-s1","9.11.3-s1","9.11.6-s1","9.9.12-s1","9.9.3-s1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25215.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"fixed":"ac3f4eb88b9f1581d141458b99635bf2cb9db1ba"},{"introduced":"71a40862c0be867999867cd99e21c2266a5e452b"},{"fixed":"4469e3e6269d03d06286fd451490a1650bd9609e"},{"introduced":"04ca7cc4b6993f47ea61852c759d047c83be7b3f"},{"fixed":"50d43fc5905e4bc07acffbb5044ab8e40a1e461e"},{"introduced":"1c59cea1c0e26e2da3f2afb90200bfe9f7748c03"},{"last_affected":"eba38b89007f65bc6c1fdd2451034bbe3908b9a4"}],"database_specific":{"extracted_events":[{"introduced":"9.0.0"},{"fixed":"9.11.31"},{"introduced":"9.12.0"},{"fixed":"9.16.15"},{"introduced":"9.17.0"},{"fixed":"9.17.12"},{"introduced":"9.9.3-s1"},{"last_affected":"9.9.3-s1"},{"introduced":"9.9.12-s1"},{"last_affected":"9.9.12-s1"},{"introduced":"9.10.5-s1"},{"last_affected":"9.10.5-s1"},{"introduced":"9.10.7-s1"},{"last_affected":"9.10.7-s1"},{"introduced":"9.11.3-s1"},{"last_affected":"9.11.3-s1"},{"introduced":"9.11.6-s1"},{"last_affected":"9.11.6-s1"}],"cpe":["cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*","cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*","cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*"],"source":["CPE_RANGE","CPE_STRING"]}}],"versions":["9.10.5-s1","9.10.7-s1","9.11.3-s1","9.11.6-s1","9.9.12-s1","9.9.3-s1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25215.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}