Bug affects BIND users with the Response Policy Zones (RPZ) feature configured for RRset replacement. RPZ feature was initially built into 9.8.0 as a mechanism for modifying DNS responses from recursive servers according to local rules. There is no active exploit here, but certain DNSSEC validators are known to send RRSIG queries, which then trigger the failure. A work-around for this issue exists for anyone who is working with or installs version 9.0-P1 or higher.
Source: https://thehackernews.com/2011/05/remote-dos-flaw-in-bind-fixed-in-new.html