Arch Linux Security Advisory ASA-201509-2
=========================================

Severity: High
Date    : 2015-09-03
CVE-ID  : CVE-2015-5722 CVE-2015-5986
Package : bind
Type    : denial of service
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package bind before version 9.10.2.P4-1 is vulnerable to denial of
service.

Resolution
==========

Upgrade to 9.10.2.P4-1.

# pacman -Syu "bind>=9.10.2.P4-1"

The problem has been fixed upstream in versions 9.9.7-P3 and 9.10.2-P4.

Workaround
==========

CVE-2015-5722 might be mitigated by disabling DNSSEC validation. However
this is not recommended by ISC as it would increase the risk of other
types of DNS attacks.

Description
===========

- CVE-2015-5722 (Parsing malformed keys may cause BIND to exit due to a
  failed assertion in buffer.c):

Parsing a malformed DNSSEC key can cause a validating resolver to exit
due to a failed assertion in buffer.c. It is possible for a remote
attacker to deliberately trigger this condition, for example by using a
query which requires a response from a zone containing a deliberately
malformed key.

- CVE-2015-5986 (An incorrect boundary check can trigger a REQUIRE
  assertion failure in openpgpkey_61.c):

An incorrect boundary check in openpgpkey_61.c can cause named to
terminate due to a REQUIRE assertion failure. This defect can be
deliberately exploited by an attacker who can provide a maliciously
constructed response in answer to a query.

Impact
======

A remote attacker can crash a recursive server by causing a query to be
sent for a specially crafted DNS zone she controls, causing denial of
service.
A remote attacker might be able to crash an authoritative server if she
controls a zone the server must query against to perform its zone
service, causing denial of service.

References
==========

https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bin...
https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trig...
https://access.redhat.com/security/cve/CVE-2015-5722
https://access.redhat.com/security/cve/CVE-2015-5986
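
Added example (not part of the advisory or of the bind package): a shell check that classifies a BIND version string, in either the upstream form (9.10.2-P4) or the Arch package form (9.10.2.P4-1), against the fixed releases 9.9.7-P3 and 9.10.2-P4 named in this advisory. The function names and sample strings are constructed for illustration; branches other than 9.9 and 9.10 are reported as unknown because the advisory names no fixed release for them.

```shell
#!/bin/sh
# Added example: compare a BIND version with the fixed releases listed in
# ASA-201509-2. Function names are hypothetical, sample strings are constructed.

# Normalise "BIND 9.10.2-P3", "bind 9.10.2.P4-1" or "9.9.7" to
# "major minor patch plevel" (plevel is 0 when there is no -P/.P suffix).
parse_bind_version() {
    v=$(printf '%s\n' "$1" | sed -n -E \
        's/^([Bb][Ii][Nn][Dd] +)?([0-9]+)\.([0-9]+)\.([0-9]+)([.-]P([0-9]+))?(-[0-9]+)?( .*)?$/\2 \3 \4 \6/p')
    [ -n "$v" ] || return 1          # pre-releases and vendor suffixes are not guessed at
    set -- $v
    echo "$1 $2 $3 ${4:-0}"
}

# Print one of: fixed | predates-fix | unknown-branch | unparsed
bind_fix_status() {
    parsed=$(parse_bind_version "$1") || { echo unparsed; return 0; }
    set -- $parsed
    case "$1.$2" in
        9.9)  fix_patch=7; fix_plevel=3 ;;   # fixed upstream in 9.9.7-P3
        9.10) fix_patch=2; fix_plevel=4 ;;   # fixed upstream in 9.10.2-P4
        *)    echo unknown-branch; return 0 ;;
    esac
    if [ "$3" -gt "$fix_patch" ] ||
       { [ "$3" -eq "$fix_patch" ] && [ "$4" -ge "$fix_plevel" ]; }; then
        echo fixed
    else
        echo predates-fix
    fi
}

# Constructed sample inputs; on a live host pass the installed version instead,
# for example: bind_fix_status "$(pacman -Q bind)"
for sample in "BIND 9.10.2-P3" "bind 9.10.2.P4-1" "9.9.7" "9.8.4-P2"; do
    printf '%-20s %s\n' "$sample" "$(bind_fix_status "$sample")"
done
```

A result of predates-fix means the version is older than the fixed release on its branch and should be upgraded as described under Resolution.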