962190 – (CVE-2015-8705) VUL-0: CVE-2015-8705: bind: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate

Bug 962190 (CVE-2015-8705) - VUL-0: CVE-2015-8705: bind: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate

Summary: VUL-0: CVE-2015-8705: bind: Problems converting OPT resource records and ECS ...

Status:	RESOLVED FIXED

Alias:	CVE-2015-8705

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other openSUSE 42.1

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-01-15 21:27 UTC by Andreas Stieger
Modified:	2020-05-13 07:57 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 1 Andreas Stieger 2016-01-15 21:49:41 UTC

Does not affect SLE (only going up to 9.9.6P1)
Does not affect openSUSE stable releases.
Affects network/bind and openSUSE Tumbleweed openSUSE:Factory/bind with bind-9.10.3-P2

Comment 2 Swamp Workflow Management 2016-01-15 23:01:02 UTC

bugbot adjusting priority

Comment 3 Andreas Stieger 2016-01-19 20:06:42 UTC

Public at https://kb.isc.org/article/AA-01336

CVE:
CVE-2015-8705
Document Version:
2.0
Posting date:
19 January 2016
Program Impacted:
BIND
Versions affected:
9.10.0->9.10.3-P2
Severity:
Medium
Exploitable:
Remotely

Description:

In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c. In prior 9.10 versions, it may result in named crashing (such as with a segmentation fault) or other misbehavior due to a buffer overrun.

Impact:

This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.)

CVSS Score: 5.4

CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:C)

For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:H/Au:N/C:N/I:N/A:C)

Workarounds:

CVE-2015-8705 can be avoided in named by disabling debug logging.

Active exploits:

No known active exploits.

Solution: Upgrade to the patched release most closely related to your current version of BIND. This can be downloaded from http://www.isc.org/downloads.

BIND 9 version 9.10.3-P3

Acknowledgements: ISC would like to thank Tatuya Jinmei of Infoblox for discovering and reporting one of the issues corrected in this fix.

Document Revision History:

1.0 Advance Notification 12 January 2016
1.1 "Versions affected", "Severity", "Description", and "Impact" information corrected. 15 January 2016
2.0 Public disclosure 19 January 2016

Does not affect SLE (only going up to 9.9.6P1)
Does not affect openSUSE stable releases.
At any convenient time, submit to network/bind and openSUSE Tumbleweed openSUSE:Factory/bind with bind-9.10.3-P2

Comment 4 Bernhard Wiedemann 2016-01-20 12:00:15 UTC

This is an autogenerated message for OBS integration:
This bug (962190) was mentioned in
https://build.opensuse.org/request/show/354931 Factory / bind

Comment 5 Andreas Stieger 2016-01-22 10:27:35 UTC

Submitted to Factory, closing