PT-2016-5237 · ISC+4 · ISC BIND+4

Dhiru Kholia · Published 2016-10-20 · Updated 2018-09-27 · CVE-2016-2848

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

ISC BIND versions 9.1.0 through 9.8.4-P2
ISC BIND versions 9.9.0 through 9.9.2-P2

Description

The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and daemon exit, by sending a specially crafted DNS packet with malformed options data in an OPT resource record.

Recommendations

For versions 9.1.0 through 9.8.4-P2, update to a version later than 9.8.4-P2 to resolve the issue. For versions 9.9.0 through 9.9.2-P2, update to a version later than 9.9.2-P2 to resolve the issue. As a temporary workaround, consider restricting access to the DNS service to minimize the risk of exploitation.

Fix

DoS

RCE


Weakness Enumeration

Related Identifiers

CESA-2016_2093
CVE-2016-2848
DLA-672-1
RHSA-2016:2093
RHSA-2016:2094
RHSA-2016:2099
RHSA-2016_2093
RHSA-2016_2094
USN-3108-1

Affected Products

BIND Server
CentOS
IBM AIX
ISC BIND
Red Hat