CVE-2019-6468

Name of the Vulnerable Software and Affected Versions BIND Supported Preview Edition versions 9.10.5-S1 through 9.11.5-S5

Description The issue is related to the nxdomain-redirect feature in the BIND DNS server, specifically when EDNS Client Subnet (ECS) features are supported. It can lead to an assertion failure, causing the service to exit. This can be exploited by a remote attacker to cause a denial of service.

Recommendations For BIND Supported Preview Edition versions 9.10.5-S1 through 9.11.5-S5, consider disabling the nxdomain-redirect feature to prevent the assertion failure until a patch is available. Restrict access to the ECS support feature in the affected versions to minimize the risk of exploitation.