Skip to Main Content

ISC Releases Security Advisories for BIND

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.


An assertion check in BIND (that is meant to prevent going beyond the end of a buffer when processing incoming data) can be incorrectly triggered by a large response during zone transfer.


An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

Review the ISC advisories for CVE-2020-8618 and CVE-2020-8619 for more information and to apply the necessary updates.