A flaw in the EDNS option processing could cause named to crash with an assertion failure when processing specially-crafted queries. This issue only affected BIND versions 9.10.0 and 9.10.0-P1. This version is not shipped in any Red Hat products or in Fedora. External References: https://kb.isc.org/article/AA-01166
Statement: Not vulnerable. This issue did not affect the versions of bind or bind97 as shipped with Red Hat Enterprise Linux 5, 6, and 7.
This issue (or some of it) was fixed with the following: lib/dns/message.c @@ -3359,6 +3360,8 @@ * version */ ADD_STRING(target, "(\""); + if (isc_buffer_availablelength(target) < optlen) + return (ISC_R_NOSPACE); for (i = 0; i < optlen; i++) { if (isprint(optdata[i])) isc_buffer_putmem(target,