cvedb.io
CVE-2018-5734
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2019-01-16T20:29:00.800 · Last modified 2026-06-17T02:00:40.877

Summary

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Affected products

isc — bind

Does this affect you?

Add your gear to cvedb and we'll alert you only when isc ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.