Bug #6424

Bug #6420: bind: A problem handling responses containing a DNAME answer can lead to an assertion failure (CVE-2016-8864)

[3.1] bind: A problem handling responses containing a DNAME answer can lead to an assertion failure (CVE-2016-8864)

Added by Alicha CH almost 2 years ago. Updated about 1 year ago.

Status: Rejected
Priority: Normal
Assignee:
Category: -
Target version:
Start date: 11/03/2016
Due date:
% Done: 0%
Estimated time:
Affected versions:

Description

During processing of a recursive response that contains a DNAME record in the answer section,
BIND can stop execution after encountering an assertion error in resolver.c (error message: "INSIST != 0) failed")
or db.c (error message: "REQUIRE0) && *targetp == ((void *)0)) failed").

A server encountering either of these error conditions will stop, resulting in denial of service to clients. 
The risk to authoritative servers is minimal; recursive servers are chiefly at risk.

Affected versions:

9.0.x -> 9.8.x, 9.9.0 -> 9.9.9-P3, 9.9.3-S1 -> 9.9.9-S5, 9.10.0 -> 9.10.4-P3, 9.11.0

Fixed in:

BIND 9 version 9.10.4-P4

Reference:

https://kb.isc.org/article/AA-01434/0
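A way to check installed BIND versions against the affected ranges listed in this report, as an added example that is not part of the original report or of BIND. It assumes plain release strings such as `9.10.4-P3` or `9.9.9-S5`; the function names are hypothetical, and anything else (rc or beta builds, for instance) is flagged for manual review.

```python
import re

# Affected ranges copied from the report above: (track, low, high), inclusive.
# "std" covers plain and -P releases; "S" is the separately numbered -S edition.
TOP = 10**6  # stands in for "x" in 9.8.x
AFFECTED = [
    ("std", (9, 0, 0, 0), (9, 8, TOP, TOP)),   # 9.0.x -> 9.8.x
    ("std", (9, 9, 0, 0), (9, 9, 9, 3)),       # 9.9.0 -> 9.9.9-P3
    ("S",   (9, 9, 3, 1), (9, 9, 9, 5)),       # 9.9.3-S1 -> 9.9.9-S5
    ("std", (9, 10, 0, 0), (9, 10, 4, 3)),     # 9.10.0 -> 9.10.4-P3
    ("std", (9, 11, 0, 0), (9, 11, 0, 0)),     # 9.11.0
]

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-([PS])(\d+))?$")


def parse_version(text):
    """Return (track, (major, minor, patch, level)) or raise ValueError."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised BIND version: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    level = int(m.group(5)) if m.group(5) else 0
    track = "S" if m.group(4) == "S" else "std"
    return track, (major, minor, patch, level)


def is_affected(text):
    """True if the version falls inside one of the ranges listed in the report."""
    track, key = parse_version(text)
    return any(t == track and low <= key <= high for t, low, high in AFFECTED)


def triage(versions):
    """Map each version string to 'affected', 'not listed' or 'unparsed'."""
    result = {}
    for v in versions:
        try:
            result[v] = "affected" if is_affected(v) else "not listed"
        except ValueError:
            result[v] = "unparsed"  # needs a manual check
    return result


if __name__ == "__main__":
    # Constructed sample inventory, not taken from the report.
    for version, verdict in triage(["9.10.4-P3", "9.10.4-P4", "9.9.9-S5", "9.11.0rc1"]).items():
        print(f"{version}: {verdict}")
```

"not listed" means only that the version is outside the ranges quoted in this report; the report names 9.10.4-P4 as the fixed release.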

History

#1 Updated by Timo Teräs about 1 year ago

  • Status changed from New to Rejected

3.1-stable is no longer supported.
