Description
A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when:
- `nxdomain-redirect <domain>;` is configured, and
- the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response.
This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
A flaw was found in the bind package which may result in a Denial of Service in the `named` process. This is a result of a reachable assertion, leading `named` to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR query, used for a reverse DNS lookup, for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. A single query matching both conditions can lead to a Denial of Service in the named application.
Report
The vulnerability in the bind package represents an important severity issue due to its potential to cause a Denial of Service (DoS) in the named DNS server. This flaw arises from a reachable assertion that triggers a premature termination of the named process when specific conditions are met: a domain configured with nxdomain-redirect and a PTR query for an RFC 1918 address. This scenario can lead to a complete failure of the DNS resolution service, disrupting network operations and availability. Given that DNS services are fundamental for network communication and resource accessibility, such an exploit could result in significant service outages, impacting both internal and external systems reliant on the affected DNS server.
Mitigation
To prevent this vulnerability, ensure the `nxdomain-redirect` directive is not present in the `/etc/named.conf` file. Disabling the nxdomain-redirect feature makes the faulty code path impossible to reach, preventing this flaw from being exploitable.
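A check for both exposure conditions described above, as an added example that is not part of the original advisory or of BIND. The function names and the sample configurations are hypothetical; the version ranges are the upstream ones listed in the description.

```python
import re

# Affected upstream ranges as listed in the description above (inclusive).
AFFECTED = [((9, 12, 0), (9, 16, 45)), ((9, 18, 0), (9, 18, 21)),
            ((9, 19, 0), (9, 19, 19))]
AFFECTED_S = [((9, 16, 8), (9, 16, 45)), ((9, 18, 11), (9, 18, 21))]

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(-S\d+)?$")
# A quoted string, or one of the three comment styles named.conf accepts.
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_DIRECTIVE = re.compile(r"(?<![\w-])nxdomain-redirect\s+[^\s;]")


def version_affected(version):
    """True if an upstream BIND 9 version string is in a listed range."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    triple = tuple(int(g) for g in m.group(1, 2, 3))
    ranges = AFFECTED_S if m.group(4) else AFFECTED
    return any(lo <= triple <= hi for lo, hi in ranges)


def has_nxdomain_redirect(conf_text):
    """True if an active (uncommented) nxdomain-redirect statement exists."""
    def blank(match):
        # Keep a placeholder for strings so a quoted argument still counts.
        return '""' if match.group(0).startswith('"') else " "
    return bool(_DIRECTIVE.search(_TOKEN.sub(blank, conf_text)))


def exposed(version, conf_text):
    """Both conditions from the advisory: affected version and directive set."""
    return version_affected(version) and has_nxdomain_redirect(conf_text)


# Constructed sample configurations (the domain is a placeholder).
ACTIVE = 'options {\n  recursion yes;\n  nxdomain-redirect "redirect.example";\n};\n'
COMMENTED = ('options {\n  // nxdomain-redirect redirect.example;\n'
             '  /* nxdomain-redirect redirect.example; */\n'
             '  # nxdomain-redirect redirect.example;\n};\n')

if __name__ == "__main__":
    for name, conf in (("active", ACTIVE), ("commented", COMMENTED)):
        print(name, exposed("9.16.45", conf))
```

The check only sees the text passed to it, so files pulled in with `include` need to be scanned as well. For distribution packages that carry backported fixes, go by the affected-packages table rather than the upstream version string.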
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | bind | Not affected | | |
Red Hat Enterprise Linux 7 | bind | Not affected | | |
Red Hat Enterprise Linux 8 | bind | Not affected | | |
Red Hat Enterprise Linux 9 | dhcp | Not affected | | |
Red Hat Enterprise Linux 8 | bind9.16 | Fixed | RHSA-2024:1781 | 11.04.2024 |
Red Hat Enterprise Linux 8.6 Extended Update Support | bind9.16 | Fixed | RHSA-2024:1647 | 02.04.2024 |
Red Hat Enterprise Linux 8.8 Extended Update Support | bind9.16 | Fixed | RHSA-2024:1648 | 02.04.2024 |
Red Hat Enterprise Linux 9 | bind | Fixed | RHSA-2024:1789 | 11.04.2024 |
Red Hat Enterprise Linux 9 | bind-dyndb-ldap | Fixed | RHSA-2024:1789 | 11.04.2024 |
Red Hat Enterprise Linux 9 | bind | Fixed | RHSA-2024:2551 | 30.04.2024 |
Additional information
Status:
7.5 High
CVSS3