Bug 1259087 (CVE-2015-5722) - CVE-2015-5722 bind: malformed DNSSEC key failed assertion denial of service
Summary: CVE-2015-5722 bind: malformed DNSSEC key failed assertion denial of service
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-5722
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1259133 1259134 1259135 1259136 1259137 1259138 1259690 1259691 1300758 1300760 1300761
Blocks: 1259089 1484522
TreeView+ depends on / blocked
 
Reported: 2015-09-01 23:58 UTC by Kurt Seifried
Modified: 2023-05-12 10:35 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-09-03 04:59:49 UTC
Embargoed:

Attachments (Terms of Use)
CVE-2015-5722.BIND-9.10.2.diff (20.22 KB, patch)
2015-09-02 00:00 UTC, Kurt Seifried 		no flags Details | Diff
CVE-2015-5722.BIND-9.9.7.diff (13.46 KB, patch)
2015-09-02 00:01 UTC, Kurt Seifried 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1705 0 normal SHIPPED_LIVE Important: bind security update 2015-09-03 08:37:34 UTC
Red Hat Product Errata RHSA-2015:1706 0 normal SHIPPED_LIVE Important: bind security update 2015-09-03 06:52:11 UTC
Red Hat Product Errata RHSA-2015:1707 0 normal SHIPPED_LIVE Important: bind97 security update 2015-09-03 06:51:55 UTC
Red Hat Product Errata RHSA-2016:0078 0 normal SHIPPED_LIVE Important: bind security update 2016-01-28 18:27:03 UTC
Red Hat Product Errata RHSA-2016:0079 0 normal SHIPPED_LIVE Important: bind security update 2016-01-28 18:45:17 UTC

Description Kurt Seifried 2015-09-01 23:58:43 UTC 
The following flaw, reported by ISC, was found in all versions of BIND 9 (9.0.0 through 9.8.8, 9.9.0 through 9.9.7-P2, and 9.10.0 through 9.10.2-P3):

Parsing a malformed DNSSEC key can cause a validating resolver to exit
due to a failed assertion in buffer.c. It is possible for a remote
attacker to deliberately trigger this condition, for example by using a
query which requires a response from a zone containing a deliberately
malformed key.

ISC would like to thank Hanno Böck from the Fuzzing Project for
discovering and reporting this defect. We would also like to express
our appreciation to the developers of the American Fuzzy Lop tool, which
has been instrumental in revealing recently-disclosed vulnerabilities in
BIND.

Acknowledgements:

Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Hanno Böck as the original reporter.
Comment 1 Kurt Seifried 2015-09-02 00:00:53 UTC 
Created attachment 1069244 [details]
CVE-2015-5722.BIND-9.10.2.diff
Comment 2 Kurt Seifried 2015-09-02 00:01:34 UTC 
Created attachment 1069245 [details]
CVE-2015-5722.BIND-9.9.7.diff
Comment 7 Huzaifa S. Sidhpurwala 2015-09-03 01:22:48 UTC 
External References:

https://kb.isc.org/article/AA-01287/0
Comment 8 errata-xmlrpc 2015-09-03 02:52:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2015:1707 https://rhn.redhat.com/errata/RHSA-2015-1707.html
Comment 9 errata-xmlrpc 2015-09-03 02:52:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2015:1706 https://rhn.redhat.com/errata/RHSA-2015-1706.html
Comment 10 errata-xmlrpc 2015-09-03 04:38:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2015:1705 https://rhn.redhat.com/errata/RHSA-2015-1705.html
Comment 11 Tomáš Hozza 2015-09-03 09:15:36 UTC 
Do you plan to create bugs for Fedora, too?
Comment 12 Huzaifa S. Sidhpurwala 2015-09-03 11:21:56 UTC 
Created bind tracking bugs for this issue:

Affects: fedora-21 [bug 1259690]
Comment 13 Huzaifa S. Sidhpurwala 2015-09-03 11:22:00 UTC 
Created bind99 tracking bugs for this issue:

Affects: fedora-22 [bug 1259691]
Comment 14 Kurt Seifried 2015-09-03 14:21:43 UTC 
Closing the needinfo.
Comment 15 Fedora Update System 2015-09-06 01:09:34 UTC 
bind99-9.9.7-7.P3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 16 Fedora Update System 2015-09-06 17:04:41 UTC 
bind-9.10.3-0.1.rc1.fc23, bind-dyndb-ldap-8.0-3.fc23, dnsperf-2.0.0.0-18.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 17 Fedora Update System 2015-09-06 17:04:56 UTC 
bind99-9.9.7-7.P3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2015-09-09 23:18:37 UTC 
bind-9.10.2-5.P4.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Comment 19 Fedora Update System 2015-09-24 08:26:22 UTC 
bind99-9.9.7-7.P3.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Comment 20 Fedora Update System 2015-10-04 23:20:50 UTC 
bind-9.9.6-11.P1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Comment 23 errata-xmlrpc 2016-01-28 13:28:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.5 AUS - Server Only
  Red Hat Enterprise Linux 6.4 AUS - Server Only

Via RHSA-2016:0078 https://rhn.redhat.com/errata/RHSA-2016-0078.html
Comment 24 errata-xmlrpc 2016-01-28 13:45:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.6 EUS - Server and Compute Node Only

Via RHSA-2016:0079 https://rhn.redhat.com/errata/RHSA-2016-0079.html
Note You need to log in before you can comment on or make changes to this bug.