CVE-2018-5734

Summary

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Affected Software

VendorProductVersion RangeStatus
ISCBIND 99.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2affected

Weaknesses

  • Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.

Workarounds

Disabling the SERVFAIL cache with 'servfail-ttl 0;' will prevent taking the code path that leads to the assertion failure.

ADP Enrichment

CVE Program Container

Additional References

References