CVE-2015-5477 is a scary DoS in BIND9 capable of triggering a crash with a single packet. I interleaved the vulnerable code with my investigation of the bug on the CloudFlare blog.

A deep look at CVE-2015-5477 | CloudFlare Blog (archive)