Bug 970905 - (CVE-2013-3919) CVE-2013-3919 bind: Querying a recursive resolver for a malformed zone causes named to crash
CVE-2013-3919 bind: Querying a recursive resolver for a malformed zone causes...
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
Blocks: 970911
  Show dependency treegraph
Reported: 2013-06-05 03:57 EDT by Huzaifa S. Sidhpurwala
Modified: 2013-06-05 11:24 EDT (History)
3 users (show)

See Also:
Fixed In Version: bind 9.9.3-P1, bind 9.8.5-P1, bind 9.6-ESV-R9-P1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-06-05 05:39:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
diff of bind-9.6-ESV-R9-P1 and bind-9.6-ESV-R9 (2.71 KB, patch)
2013-06-05 04:00 EDT, Huzaifa S. Sidhpurwala
no flags Details | Diff

  None (edit)
Description Huzaifa S. Sidhpurwala 2013-06-05 03:57:33 EDT
A flaw in ISC BIND was reported [1] where a recursive nameserver could be caused to crash if it recieved a query for a record in a specially malformed zone. A remote attacker could use this flaw to remotely exploit (Denial of Service) a recursive nameserver, by sending a query for a malformed zone, which could cause BIND to exit with a fatal "RUNTIME_CHECK" error in resolver.c

[1] https://kb.isc.org/article/AA-00967

Affected versions: BIND 9.6-ESV-R9, 9.8.5, and 9.9.3 are affected

Versions 9.6.0 through 9.6-ESV-R8, 9.8.0 through 9.8.4-P2, and 9.9.0 through 9.9.2-P2 ARE NOT affected. Also other major branches of BIND (e.g. 9.7, 9.5, etc) are NOT vulnerable to this flaw.
Comment 1 Huzaifa S. Sidhpurwala 2013-06-05 04:00:27 EDT
Created attachment 757073 [details]
diff of bind-9.6-ESV-R9-P1 and bind-9.6-ESV-R9
Comment 2 Huzaifa S. Sidhpurwala 2013-06-05 04:13:18 EDT

Not Vulnerable. This issue does not affect the version of bind as shipped with Red Hat Enterprise Linux 5 and 6. This issue does not affect the version of bind97 as shipped with Red Hat Enterprise Linux 5.
Comment 3 Huzaifa S. Sidhpurwala 2013-06-05 04:26:16 EDT
Fedora 17 ships bind-9.9.2-7.P2.fc17 and Fedora 18 ships bind-9.9.2-10.P2.fc18, and therefore are not affected by this issue.

However the update candidates for bind are affected:


Please schedule an update to replace these builds with the fixed versions.

Note You need to log in before you can comment on or make changes to this bug.