While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Related CVEs

CVE-2018-5734

Key Information

GHSA ID

GHSA-g395-wpqc-cmpv

Published

May 13, 2022 1:32 AM

Last Modified

May 13, 2022 1:32 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 5, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.