Information regarding a highly critical remote BIND issue affecting 9.7, 9.8 and 9.9 has surfaced, affecting millions of DNS servers around the globe. It’s been marked as Critical and is remote exploitable. When exploited, it causes a DoS.
“A flaw in a library used by BIND 9.7, 9.8, and 9.9, when compiled on Unix and related operating systems, allows an attacker to deliberately cause excessive memory consumption by the named process, potentially resulting in exhaustion of memory resources on the affected server. This condition can crash BIND 9 and will likely severely affect operation of other programs running on the same machine.”
Patching this issue should be on the absolute top of the priority list for anyone running BIND.
More info: https://kb.isc.org/article/AA-00871