Bug 616706 (CVE-2010-0213)

Summary: CVE-2010-0213 BIND: DoS (infinite loop of RRSIGs queries to authoritative servers) via certain RRSIG query
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: atkac, pwouters
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: public=20100715,reported=20100721,source=internet,rhel-3/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-4/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-5/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,rhel-6/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-12/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,fedora-13/bind=notaffected/impact=moderate/cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-835[auto]
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-07-29 06:54:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Jan Lieskovsky 2010-07-21 09:00:11 UTC
ISC BIND upstream recently released a fix:
  [1] http://www.isc.org/software/bind/advisories/cve-2010-0213

for a deficiency in the way BIND processed certain RRSIG queries. More
exact details from [1]:

If a query is made explicitly for a record of type 'RRSIG' to a validating
recursive server running BIND 9.7.1 or 9.7.1-P1, and the server has one or
more trust anchors configured statically and/or via DLV, then if the answer
is not already in cache, the server enters a loop which repeatedly generates
queries for RRSIGs to the authoritative servers for the zone containing the
queried name.

Affected BIND versions: v9.7.1, v9.7.1-P1

References:
  [2] http://www.kb.cert.org/vuls/id/211905 (not available yet)
  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213 (not
      available yet)

Credit: Upstream acknowledges Marco Davids of SIDN for discovering and
        testing the issue.

Comment 2 Jan Lieskovsky 2010-07-21 09:13:04 UTC
This issue did NOT affect the versions of the bind package, as shipped
with Red Hat Enterprise Linux 3, 4, or 5.

This issue did NOT affect the version of the bind package, as shipped
with Fedora release of 12.

This issue affects the version of the bind package, as shipped with
Fedora release of 13. Updates will be available shortly.

Comment 3 Jan Lieskovsky 2010-07-21 09:14:01 UTC
Statement:

Not vulnerable. This issue did not affect the versions of the bind as shipped with Red Hat Enterprise Linux 3, 4, or 5.

Comment 5 Fedora Update System 2010-07-23 02:35:03 UTC
bind-9.7.1-2.P2.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.