suse · CVE-2016-2776

Quick triage

Priority: high Published: 2021-05-30 13:39:55 UTC Updated: 2026-04-18 17:58:11 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-2776 severity important: SUSE including 476 source package names (amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, amazon/suse-sles-15-sp1-chost-byos-v20220127-hvm-ssd-x86_64, …), 684 product×package rows across 59 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP1, … (59 product lines)): Fixed 429, Known Affected 157, Known Not Affected 98.

Description:

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

cvelogic Threat Intelligence