[arch-security] [ASA-201509-2] bind: denial of service
Remi Gacogne
rgacogne at archlinux.org
Thu Sep 3 08:53:13 UTC 2015
Arch Linux Security Advisory ASA-201509-2
=========================================
Severity: High
Date : 2015-09-03
CVE-ID : CVE-2015-5722 CVE-2015-5986
Package : bind
Type : denial of service
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package bind before version 9.10.2.P4-1 is vulnerable to denial of
service.
Resolution
==========
Upgrade to 9.10.2.P4-1.
# pacman -Syu "bind>=9.10.2.P4-1"
The problem has been fixed upstream in versions 9.9.7-P3 and 9.10.2-P4.
Workaround
==========
CVE-2015-5722 might be mitigated by disabling DNSSEC validation. However
this is not recommended by ISC as it would increase the risk of other
types of DNS attacks.
Description
===========
- CVE-2015-5722 (Parsing malformed keys may cause BIND to exit due to a
failed assertion in buffer.c):
Parsing a malformed DNSSEC key can cause a validating resolver to exit
due to a failed assertion in buffer.c. It is possible for a remote
attacker to deliberately trigger this condition, for example by using a
query which requires a response from a zone containing a deliberately
malformed key.
- CVE-2015-5986 (An incorrect boundary check can trigger a REQUIRE
assertion failure in openpgpkey_61.c):
An incorrect boundary check in openpgpkey_61.c can cause named to
terminate due to a REQUIRE assertion failure. This defect can be
deliberately exploited by an attacker who can provide a maliciously
constructed response in answer to a query.
Impact
======
A remote attacker can crash a recursive server by causing a query to be
sent for a specially crafted DNS zone she controls, causing denial of
service.
A remote attacker might be able to crash an authoritative server if she
controls a zone the server must query against to perform its zone
service, causing denial of service.
References
==========
https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/
https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/
https://access.redhat.com/security/cve/CVE-2015-5722
https://access.redhat.com/security/cve/CVE-2015-5986
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20150903/5c394404/attachment.asc>
More information about the arch-security
mailing list