Bug 754398 (CVE-2011-4313)
Summary: | CVE-2011-4313 bind: Remote denial of service against recursive servers via logging negative cache entry | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | anemec, cody, danilo.taveira, eric.eisenhart, fahnoe, herrold, hui.zhu, ibudiman, jeff, kmoriwak, kouyama.yutaka, matt.cavaness, maurizio.antillon, mollo, moshiro, myamazak, ovasik, peter.mueller, rbinkhor, rbryce, rrosario, rvandolson, security-response-team, shyam, smccarty, vdanen, ville |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-07-11 08:40:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 754502, 754504, 754505, 754506, 754507, 754508, 754509, 757109, 833878 | ||
Bug Blocks: | 754402 |
Description
Jan Lieskovsky
2011-11-16 11:41:48 UTC
Created bind tracking bugs for this issue Affects: fedora-all [bug 754509] This is CVE-2011-4313. *** Bug 754494 has been marked as a duplicate of this bug. *** Any ETA for a fix for this? I have added the patch to the upstream spec file, and I have built an updated rpm package in our repository: http://repo.nixval.com/nixval-centos/5/updates/repodata/repoview/bind-30-9.3.6-16P1.1.el5.html I have used the following patch: http://seclists.org/oss-sec/2011/q4/att-317/bind-9_3_5-up-CVE-2011-4313.diff Cheers. (In reply to comment #10) > > I have used the following patch: > > http://seclists.org/oss-sec/2011/q4/att-317/bind-9_3_5-up-CVE-2011-4313.diff > > Cheers. The patch is not 100% correct because 9.3.X version handles negative rdatasets differently. The rbtdb.c part of the patch uses RDATASET_ATTR_NEGATIVE attribute but this attribute is never set. However the query.c part of the patch is correct and in my opinion it's sufficient to prevent the crash. I found the Ubuntu patch, but is for version 9.7. This is the only patch I've found. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2011:1459 https://rhn.redhat.com/errata/RHSA-2011-1459.html This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2011:1458 https://rhn.redhat.com/errata/RHSA-2011-1458.html What is the position on RHEL 4 with the bind-9.2.4-37.el4 release? --Larry Statement: (none) ISC updated the document as it affects all BIND9.
Does our statement get effect or not?
> Versions affected:
> BIND 9.0.x -> 9.6.x , 9.4-ESV->9.4-ESV-R5, 9.6-ESV->9.6-ESV-R5, 9.7.0->9.7.4, > 9.8.0->9.8.1, 9.9.0a1->9.9.0b1
RHEL 4 version is 9.2.4-37.el4, so shouldn't it also be affected? (In reply to comment #17) Hello Kazuo-san, > ISC updated the document as it affects all BIND9. > Does our statement get effect or not? The particular statement has been updated / deleted. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team > > > Versions affected: > > BIND 9.0.x -> 9.6.x , 9.4-ESV->9.4-ESV-R5, 9.6-ESV->9.6-ESV-R5, 9.7.0->9.7.4, > 9.8.0->9.8.1, 9.9.0a1->9.9.0b1 (In reply to comment #18) Hello Danilo, > RHEL 4 version is 9.2.4-37.el4, so shouldn't it also be affected? Yes, from communication with upstream it concluded the version of bind package, as shipped with Red Hat Enterprise Linux 4 is vulnerable to the CVE-2011-4313 issue too. Currently we are working on preparing a bind package update for Red Hat Enterprise Linux 4, and once it has passed all the required testing it will be released. Hope this helps. Let us know if we can be of any further assistance. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2011:1496 https://rhn.redhat.com/errata/RHSA-2011-1496.html |