Alpine: multiple bind packages: security update to 9.11.0_p5-r0

high Tenable Cloud Security Plugin ID 423693

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion
failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service
against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects
BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1,
9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8. (CVE-2017-3136)

- Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or
DNAME resource records could lead to a situation in which named would exit with an assertion failure when
processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6,
9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
(CVE-2017-3137)

- named contains a feature which allows operators to issue commands to a running server by communicating
with the server process over a control channel, using a utility program such as rndc. A regression
introduced in a recent feature change has created a situation under which some versions of named can be
caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND
9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4,
9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9. (CVE-2017-3138)

See Also

https://security.alpinelinux.org/vuln/CVE-2017-3136

https://security.alpinelinux.org/vuln/CVE-2017-3137

https://security.alpinelinux.org/vuln/CVE-2017-3138

Plugin Details

Severity: High

ID: 423693

Version: Revision 1.8

Type: Local

Published: 4/4/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 95.09

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2017-3137

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 3/12/2017

Reference Information

CVE: CVE-2017-3136, CVE-2017-3137, CVE-2017-3138

BID: 97651, 97653, 97657