Questions about CVE-2024-11187
Petr Špaček
pspacek at isc.org
Tue Mar 4 09:14:10 UTC 2025
On 04. 03. 25 9:53, Laszlo Szollosi wrote:
> Many thanks for your response.
> By mitigation, I mean we have seen an increase in resource utilization,
> but it would have been much worse without the 'minimal-responses'
> setting (reduced impact).
> By prevention, I mean we would not have had the impact at all.
> By a spike, I mean the CPU utilization jumps, and then falls. That is
> not what we experienced. We had the resource consumption continuously
> for 3 hours on our first incident.
Oh, that's very important 'detail'. If it were CVE-2024-11187 it would
have to be correlated to increased traffic. If the resource utilization
lasted so long without corresponding high traffic it is probably a
different bug.
--
Petr Špaček
Internet Systems Consortium
More information about the bind-users
mailing list