Bug 1259085 (CVE-2015-5986) - CVE-2015-5986 Bind: fromwire_openpgpkey() incorrect boundary check Denial of Service
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2015-5986
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1259563
Blocks: 1259089
Reported: 2015-09-01 23:40 UTC by Kurt Seifried
Modified: 2021-02-17 04:58 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A boundary check flaw was found in the way BIND parsed answers in certain DNS queries. A remote attacker able to provide a specially crafted response in an answer to a query could cause named functioning as a recursive resolver to crash.
Clone Of:
Environment:
Last Closed: 2015-09-03 04:59:33 UTC


Attachments
CVE-2015-5986.BIND.9.10.2.diff (477 bytes, patch)
2015-09-01 23:41 UTC, Kurt Seifried
CVE-2015-5986.BIND-9.9.7.diff (475 bytes, patch)
2015-09-01 23:42 UTC, Kurt Seifried

Description Kurt Seifried 2015-09-01 23:40:48 UTC
The following flaw, reported by ISC, was found in recent versions of BIND 9 (9.9.7 through 9.9.7-P2, and 9.10.2 through 9.10.2-P3):

An incorrect boundary check in openpgpkey_61.c can cause named to
terminate due to a REQUIRE assertion failure. This defect can be
deliberately exploited by an attacker who can provide a maliciously
constructed response in answer to a query.

Acknowledgements:

Red Hat would like to thank ISC for reporting this issue.

Comment 1 Kurt Seifried 2015-09-01 23:41:49 UTC
Created attachment 1069242
CVE-2015-5986.BIND.9.10.2.diff

Comment 2 Kurt Seifried 2015-09-01 23:42:14 UTC
Created attachment 1069243
CVE-2015-5986.BIND-9.9.7.diff

Comment 3 Kurt Seifried 2015-09-02 04:03:23 UTC
Statement:

This issue did not affect the versions of Bind as shipped with Red Hat Enterprise Linux 4, 5, 6 and 7 as they did not include support for fromwire_openpgpkey().

Comment 5 Huzaifa S. Sidhpurwala 2015-09-03 01:22:11 UTC
External References:

https://kb.isc.org/article/AA-01291/0

Comment 6 Huzaifa S. Sidhpurwala 2015-09-03 04:54:45 UTC
Created bind99 tracking bugs for this issue:

Affects: fedora-22 [bug 1259563]

Comment 7 Fedora Update System 2015-09-06 01:09:30 UTC
bind99-9.9.7-7.P3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2015-09-06 17:04:53 UTC
bind99-9.9.7-7.P3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2015-09-24 08:26:17 UTC
bind99-9.9.7-7.P3.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
