mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-28 09:12:00 +00:00
152 lines
6.5 KiB
JSON
152 lines
6.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2017-3145",
|
|
"ASSIGNER": "security-officer@isc.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c."
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "ISC",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "BIND 9",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:0102",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2018:0102"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:0487",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2018:0487"
|
|
},
|
|
{
|
|
"url": "https://www.debian.org/security/2018/dsa-4089",
|
|
"refsource": "MISC",
|
|
"name": "https://www.debian.org/security/2018/dsa-4089"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:0488",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2018:0488"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2018:0101",
|
|
"refsource": "MISC",
|
|
"name": "https://access.redhat.com/errata/RHSA-2018:0101"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1040195",
|
|
"refsource": "MISC",
|
|
"name": "http://www.securitytracker.com/id/1040195"
|
|
},
|
|
{
|
|
"url": "https://kb.isc.org/docs/aa-01542",
|
|
"refsource": "MISC",
|
|
"name": "https://kb.isc.org/docs/aa-01542"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/102716",
|
|
"refsource": "MISC",
|
|
"name": "http://www.securityfocus.com/bid/102716"
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html",
|
|
"refsource": "MISC",
|
|
"name": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/",
|
|
"refsource": "MISC",
|
|
"name": "https://security.netapp.com/advisory/ntap-20180117-0003/"
|
|
},
|
|
{
|
|
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named",
|
|
"refsource": "MISC",
|
|
"name": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"work_around": [
|
|
{
|
|
"lang": "en",
|
|
"value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
|
|
}
|
|
],
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.11-P1\n BIND 9 version 9.10.6-P1\n BIND 9 version 9.11.2-P1\n BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.11-S2\n BIND 9 version 9.10.6-S2"
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"version": "3.0"
|
|
}
|
|
]
|
|
}
|
|
} |