Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3214 to the following vulnerability: Name: CVE-2014-3214 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 Assigned: 20140503 Reference: https://kb.isc.org/article/AA-01161 The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes. The prefetch option was introduced in BIND 9.10.0b1: https://kb.isc.org/article/AA-01138/81/BIND-9.10.0b1-Release-Notes.html Based on the issue description, the fix is possibly this NULL check in query.c: 7646 dns_name_t *name; 7647 name = (fname != NULL) ? fname : tname; 7648 query_prefetch(client, name, rdataset); The version of BIND in Red Hat Enterprise Linux is older than 9.10, and also does not contain query_prefetch()
The affected functionality does not appear to be in bind10 in Fedora either.
Statement: Not vulnerable. This issue did not affect the versions of bind or bind97 as shipped with Red Hat Enterprise Linux 5, 6 and 7.
(In reply to Murray McAllister from comment #1) > The affected functionality does not appear to be in bind10 in Fedora either. Note that bind10 is not BIND 9.10!
External References: https://kb.isc.org/article/AA-01161/