Bug 1299367 (CVE-2015-8705) - CVE-2015-8705 bind: crash when converting OPT resource records and ECS options to text format
Summary: CVE-2015-8705 bind: crash when converting OPT resource records and ECS option...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2015-8705
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1300051
Blocks: 1299370
TreeView+ depends on / blocked
 
Reported: 2016-01-18 08:57 UTC by Martin Prpič
Modified: 2023-05-12 14:44 UTC (History)
1 user (show)

Fixed In Version: bind 9.10.3-P3
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-01-19 20:39:30 UTC
Embargoed:


Attachments (Terms of Use)
9.10.3-rt41396-and-rt41397-CVE-2015-8704-and-CVE-2015-8705.diff (2.68 KB, text/plain)
2016-01-18 08:58 UTC, Martin Prpič
no flags Details

Description Martin Prpič 2016-01-18 08:57:27 UTC
The following flaw in BIND was reported by ISC:

In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c. In prior 9.10 versions, it may result in named crashing (such as with a segmentation fault) or other misbehavior due to a buffer overrun.

This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.)

Mitigation:

Disable debug logging in named.

Comment 1 Martin Prpič 2016-01-18 08:57:48 UTC
Acknowledgements:

Red Hat would like to thank ISC for reporting this issue.

Comment 2 Martin Prpič 2016-01-18 08:58:22 UTC
Created attachment 1115783 [details]
9.10.3-rt41396-and-rt41397-CVE-2015-8704-and-CVE-2015-8705.diff

Comment 4 Tomas Hoger 2016-01-19 20:34:34 UTC
Public now via upstream advisory.

External References:

https://kb.isc.org/article/AA-01336

Comment 5 Tomas Hoger 2016-01-19 20:37:33 UTC
Created bind tracking bugs for this issue:

Affects: fedora-all [bug 1300051]

Comment 6 Tomas Hoger 2016-01-19 20:39:30 UTC
Only BIND 9.10 was affected by this issue, therefore no Red Hat Enterprise Linux version was affected.


Note You need to log in before you can comment on or make changes to this bug.