Bug 1193820 (CVE-2015-1349) - CVE-2015-1349 bind: issue in trust anchor management can cause named to crash
Summary: CVE-2015-1349 bind: issue in trust anchor management can cause named to crash
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-1349
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1197618 1197619 1197620 1197621
Blocks: 1193821
TreeView+ depends on / blocked
 
Reported: 2015-02-18 10:31 UTC by Vasyl Kaigorodov
Modified: 2023-05-12 18:20 UTC (History)
10 users (show)

Fixed In Version: BIND 9.9.7, BIND 9.10.2
Doc Type: Bug Fix
Doc Text:
A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions.
Clone Of:
Environment:
Last Closed: 2015-03-11 03:51:47 UTC
Embargoed:

Attachments (Terms of Use)
bind9-patch-v9_10_1-CVE-2015-1349 (1.49 KB, text/plain)
2015-02-18 10:32 UTC, Vasyl Kaigorodov 		no flags Details
bind9-patch-v9_9_6-CVE-2015-1349 (1.48 KB, text/plain)
2015-02-18 10:33 UTC, Vasyl Kaigorodov 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0672 0 normal SHIPPED_LIVE Moderate: bind security update 2015-03-11 05:58:18 UTC

Description Vasyl Kaigorodov 2015-02-18 10:31:54 UTC 
It was reported that a problem with trust anchor management can cause named to crash, affecting BIND versions 9.7.0+.

ISC developers believe that it will be very difficult for this to be triggered in most cases, requiring DNSSEC validation amongst other factors.

ISC will not be producing patches specifically for BIND 9.8 or BIND 9.6-ESV, both of which are beyond their End of Life (EOL) and are no longer supported by ISC.

Patches that correct this issue for ISC BIND 9.10.1 and ISC BIND 9.9.6 are attached to this Bugzilla.
Comment 1 Vasyl Kaigorodov 2015-02-18 10:32:54 UTC 
Created attachment 993044 [details]
bind9-patch-v9_10_1-CVE-2015-1349
Comment 2 Vasyl Kaigorodov 2015-02-18 10:33:11 UTC 
Created attachment 993045 [details]
bind9-patch-v9_9_6-CVE-2015-1349
Comment 3 Vasyl Kaigorodov 2015-02-18 10:36:08 UTC 
Acknowledgements:

Red Hat would like to thank ISC for reporting this issue.
Comment 4 Vasyl Kaigorodov 2015-02-20 13:16:58 UTC 
Looking at bind9-patch-v9_9_6-CVE-2015-1349, and at RHEL code, it appear that RHEL 5 (bind-9.3.6-P1) is not affected by this (does not contain affected code), and both RHEL-6 (bind-9.8.2rc1) and RHEL-7 (bind-9.9.4) are affected by this issue.
Comment 5 Vasyl Kaigorodov 2015-02-20 13:43:57 UTC 
There is also bind97 component in RHEL-5 which, according to upstream, is also affected.
Comment 7 Tomáš Hozza 2015-02-24 08:27:47 UTC 
setting NEEDINFO due to comment #6
Comment 12 Fedora Update System 2015-03-05 12:38:42 UTC 
bind-9.9.6-8.P1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 Fedora Update System 2015-03-05 12:38:48 UTC 
bind-9.9.4-18.P2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Vasyl Kaigorodov 2015-03-10 15:03:55 UTC 
External References:

https://kb.isc.org/article/AA-01235/0/CVE-2015-1349%3A-A-Problem-with-Trust-Anchor-Management-Can-Cause-named-to-Crash.html
Comment 16 errata-xmlrpc 2015-03-11 01:58:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2015:0672 https://rhn.redhat.com/errata/RHSA-2015-0672.html
Comment 19 Fabio Olive Leite 2015-03-26 20:00:26 UTC 
Statement:

Red Hat Enterprise Linux 5 ships with both bind (9.3) packages which are not affected by this issue, and bind97 packages, which are affected by this issue.
Red Hat Enterprise Linux 5 is now in Production Phase 3 of the support and maintenance life cycle. This issue is not currently planned to be addressed in future bind97 updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Note You need to log in before you can comment on or make changes to this bug.