CVE-2023-5680 MEDIUM

CVE-2023-5680: Cleaning an ECS-enabled cache may cause excessive CPU load

Vendor ISC
Product BIND 9
Published February 13, 2024
Last update March 17, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01 Description

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

Key dates

02 Disclosure timeline

February 13, 2024 CVE published
March 17, 2025 Record updated