suse · CVE-2017-3137

Quick triage

Priority: high Published: 2021-05-30 13:50:47 UTC Updated: 2026-04-18 15:47:53 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-3137 severity important: SUSE including 212 source package names (bind, bind-9.11.2-1.24, …), 532 product×package rows across 69 product lines (SUSE CaaS Platform 3.0, SUSE CaaS Platform 4.0, … (69 product lines)): Fixed 325, Known Not Affected 207.

Description:

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.

cvelogic Threat Intelligence