Bug 1299367 - (CVE-2015-8705) CVE-2015-8705 bind: crash when converting OPT resource records and ECS options to text format
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: low, Severity: low
Assigned To: Red Hat Product Security
Whiteboard: impact=low,public=20160119,reported=2...
Keywords: Security
Depends On: 1300051
Blocks: 1299370
Reported: 2016-01-18 03:57 EST by Martin Prpič
Modified: 2016-01-22 04:30 EST
Fixed In Version: bind 9.10.3-P3
Doc Type: Bug Fix
Last Closed: 2016-01-19 15:39:30 EST


Attachments
9.10.3-rt41396-and-rt41397-CVE-2015-8704-and-CVE-2015-8705.diff (2.68 KB, text/plain)
2016-01-18 03:58 EST, Martin Prpič
Description Martin Prpič 2016-01-18 03:57:27 EST
The following flaw in BIND was reported by ISC:

In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c. In prior 9.10 versions, it may result in named crashing (such as with a segmentation fault) or other misbehavior due to a buffer overrun.

This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.)

Mitigation:

Disable debug logging in named.
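
A triage check for the condition described above (an affected 9.10 version with debug logging on), as an added example that is not part of the bug report or ISC's code. It assumes `rndc status` prints `version:` and `debug level:` lines in the form of the constructed sample, reads only the global debug level, and does not inspect `logging` channels in named.conf; the function names are hypothetical.

```shell
#!/bin/sh
# Added triage example; not code from the bug report, Red Hat or ISC.
# Affected range as stated in this report: BIND 9.10.x before 9.10.3-P3.

# bind_version_affected VERSION -> exit status 0 if VERSION is in that range.
bind_version_affected() {
    v=${1#BIND }                 # tolerate a leading "BIND "
    v=${v%% *}                   # drop a trailing build id such as "<id:...>"
    case "$v" in
        9.10.*) rest=${v#9.10.} ;;
        *) return 1 ;;           # other branches are outside the stated range
    esac
    patch=${rest%%[!0-9]*}       # digits of the third version component
    [ -n "$patch" ] || return 1
    if [ "$patch" -lt 3 ]; then return 0; fi
    if [ "$patch" -gt 3 ]; then return 1; fi
    suffix=${rest#"$patch"}      # e.g. "", "rc1", "-P2"
    case "$suffix" in
        -P*) p=${suffix#-P}; p=${p%%[!0-9]*}
             if [ -n "$p" ] && [ "$p" -ge 3 ]; then return 1; fi ;;
    esac
    return 0                     # 9.10.3, its pre-releases, -P1 and -P2
}

# triage_rndc_status: reads `rndc status` text on stdin, prints one verdict.
# Assumes the "version: ..." and "debug level: N" line formats shown below.
triage_rndc_status() {
    ver=""
    dbg=0
    while IFS= read -r line; do
        case "$line" in
            "version: "*)     ver=${line#version: } ;;
            "debug level: "*) dbg=${line#debug level: } ;;
        esac
    done
    dbg=${dbg%%[!0-9]*}
    if ! bind_version_affected "$ver"; then
        echo "not-affected"
    elif [ "${dbg:-0}" -gt 0 ]; then
        echo "exposed"            # affected version with debug logging on
    else
        echo "affected-debug-off" # mitigated for now; still needs the fix
    fi
}

# Constructed sample (not captured from a real server).
sample='version: 9.10.3-P2 <id:0000000>
debug level: 1'
printf '%s\n' "$sample" | triage_rndc_status   # prints: exposed
```

On a live server, pipe `rndc status` into `triage_rndc_status`; `rndc notrace` sets the global debug level to 0.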
Comment 1 Martin Prpič 2016-01-18 03:57:48 EST
Acknowledgements:

Red Hat would like to thank ISC for reporting this issue.
Comment 2 Martin Prpič 2016-01-18 03:58:22 EST
Created attachment 1115783
9.10.3-rt41396-and-rt41397-CVE-2015-8704-and-CVE-2015-8705.diff
Comment 4 Tomas Hoger 2016-01-19 15:34:34 EST
Public now via upstream advisory.

External References:

https://kb.isc.org/article/AA-01336
Comment 5 Tomas Hoger 2016-01-19 15:37:33 EST
Created bind tracking bugs for this issue:

Affects: fedora-all [bug 1300051]
Comment 6 Tomas Hoger 2016-01-19 15:39:30 EST
Only BIND 9.10 was affected by this issue, therefore no Red Hat Enterprise Linux version was affected.
