vulnerability

Arch Linux: Denial of service (CVE-2018-5745)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:M/Au:S/C:N/I:N/A:P)	Oct 9, 2019	Jul 11, 2025	Nov 27, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:N/A:P)

Published

Oct 9, 2019

Added

Jul 11, 2025

Modified

Nov 27, 2025

Description

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Before 9.13.7, due to an error in the managed-keys feature, it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm.

Solution

arch-linux-upgrade-latest

References

CVE-2018-5745
https://attackerkb.com/topics/CVE-2018-5745
URL-https://access.redhat.com/errata/RHSA-2019:3552
URL-https://kb.isc.org/docs/cve-2018-5745
URL-https://security.archlinux.org/ASA-201902-25
CWE-327

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today