CVE-2019-6471: A race condition when discarding malformed packets can cause BIND

[icecream-guy]

CVE:                 CVE-2019-6471
Document version:    2.0
Posting date:        19 June 2019
Program impacted:    BIND
Versions affected:   BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1,
                     9.14.0 -> 9.14.2. Also all releases of the BIND 9.13
                     development branch and version 9.15.0 of the BIND 9.15
                     development branch. BIND Supported Preview Edition
                     versions 9.11.3-S1 -> 9.11.7-S1.
Severity:            Medium
Exploitable:         Remotely

Description:

   A race condition which may occur when discarding malformed packets
   can result in BIND exiting due to a REQUIRE assertion failure
   in dispatch.c.

Impact:

   An attacker who can cause a resolver to perform queries which
   will be answered by a server which responds with deliberately
   malformed answers can cause named to exit, denying service to
   clients.

CVSS Score:          5.9
CVSS Vector:         CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit:
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Workarounds:

   None.

Active exploits:

   None known.

Solution:

   Upgrade to the patched release most closely related to your current version of BIND:

   +  BIND 9.11.8
   +  BIND 9.12.4-P2
   +  BIND 9.14.3
   +  BIND 9.15.1

   BIND Supported Preview Edition is a special feature preview
   branch of BIND provided to eligible ISC support customers.

   +  BIND 9.11.8-S1

Acknowledgements:

   ISC would like to thank CERN for helping us to discover this issue.

Document revision history:

   1.0 Early Notification, 12 June 2019
   2.0 Public Disclosure, 19 June 2019

Related documents:

   See our BIND 9 Security Vulnerability Matrix for a complete
   listing of security vulnerabilities and versions affected.