The following flaw, reported by ISC, was found in BIND version 9 (9.0.0 through 9.9.8, 9.10.0 through 9.10.3): An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible and could be used as a denial-of-service vector against servers performing recursive queries. An attacker who can cause a server to request a record with a malformed class attribute can use this bug to trigger a REQUIRE assertion in db.c, causing named to exit and denying service to clients. The risk to recursive servers is high. Authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs.
Acknowledgements: Red Hat would like to thank ISC for reporting this issue.
Created attachment 1105523 [details] Relevant diff between 9.9.8-P2 and 9.9.8
Created attachment 1105569 [details] Extracted part of the fix for CVE-2015-8000
Created attachment 1105581 [details] Patch for BIND 9.9.4
Public now via upstream advisory. External References: https://kb.isc.org/article/AA-01317
Created bind tracking bugs for this issue: Affects: fedora-all [bug 1291909]
Created bind99 tracking bugs for this issue: Affects: fedora-all [bug 1291910]
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:2656 https://rhn.redhat.com/errata/RHSA-2015-2656.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2015:2655 https://rhn.redhat.com/errata/RHSA-2015-2655.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:2658 https://rhn.redhat.com/errata/RHSA-2015-2658.html
Upstream commit applied to 9.9.8: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=490970d0614214b477085adf5aa021690194b0b8
bind99-9.9.8-1.P2.fc23, dhcp-4.3.3-7.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
bind-9.10.3-7.P2.fc23, bind-dyndb-ldap-8.0-4.fc23, dnsperf-2.0.0.0-19.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
bind-9.10.3-7.P2.fc22, bind-dyndb-ldap-7.0-6.fc22, dnsperf-2.0.0.0-19.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
bind99-9.9.8-1.P2.fc22, dhcp-4.3.2-6.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 AUS - Server Only Red Hat Enterprise Linux 6.4 AUS - Server Only Via RHSA-2016:0078 https://rhn.redhat.com/errata/RHSA-2016-0078.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 EUS - Server and Compute Node Only Via RHSA-2016:0079 https://rhn.redhat.com/errata/RHSA-2016-0079.html