Описание
Security update for bind
This update for bind fixes the following issues:
Update to release 9.16.44:
- CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly (bsc#1215472).
Список пакетов
Image SLES15-SP4-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS-Aliyun
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-HPC-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Hardened-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Hardened-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Hardened-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Hardened-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Azure-LI-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Azure-VLI-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAP-Hardened-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAPCAL
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAPCAL-Azure
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAPCAL-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SAPCAL-GCE
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
SUSE Linux Enterprise Module for Basesystem 15 SP4
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
SUSE Linux Enterprise Module for Server Applications 15 SP4
bind-9.16.44-150400.5.37.2
bind-doc-9.16.44-150400.5.37.2
openSUSE Leap 15.4
bind-9.16.44-150400.5.37.2
bind-doc-9.16.44-150400.5.37.2
bind-utils-9.16.44-150400.5.37.2
python3-bind-9.16.44-150400.5.37.2
Ссылки
- Link for SUSE-SU-2023:3737-1
- E-Mail link for SUSE-SU-2023:3737-1
- SUSE Security Ratings
- SUSE Bug 1215472
- SUSE CVE CVE-2023-3341 page
Описание
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
Затронутые продукты
Image SLES15-SP4-BYOS-Azure:bind-utils-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-Azure:python3-bind-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-EC2:bind-utils-9.16.44-150400.5.37.2
Image SLES15-SP4-BYOS-EC2:python3-bind-9.16.44-150400.5.37.2
Ссылки
- CVE-2023-3341
- SUSE Bug 1215472
- SUSE Bug 1216764
- SUSE Bug 1217453
- SUSE Bug 1217551
- SUSE Bug 1217600
- SUSE Bug 1221586
- SUSE Bug 1223092