- A vulnerability, CVE-2019-6471 was found in 3rd party software running on our DNS/DHCP appliance.
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c.An attacker who can cause a resolver to perform queries which will be answered by a server which responds with deliberately malformed answers can cause named to exit, denying service to clients.
For more information, see https://kb.isc.org/docs/cve-2019-6471.
- Multiple vulnerabilities, CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479, were found in the Linux kernel that is used on the Men & Mice appliances
In some cases, the vulnerability could allow an attacker to trigger a kernel panic in the system.