Bug 1126069 (CVE-2019-6465)

Summary: VUL-0: CVE-2019-6465: bind: Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable.
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, atoptsoglou, max, navin.kukreja
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/225045/
Whiteboard: CVSSv3:NVD:CVE-2019-6465:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:RedHat:CVE-2019-6465:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:SUSE:CVE-2019-6465:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2019-02-20 10:25:50 UTC 
embargoed via distros

CRD: 2019-02-21

CVE-2019-6465:  Controls for zone transfers may not be properly
applied to Dynamically Loadable Zones (DLZs) if the zones are writable.

CVE:                 CVE-2019-6465
Document version:    2.0
Posting date:        21 February 2019
Program impacted:    BIND
Versions affected:   BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2,
                     9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3
                     of BIND 9 Supported Preview Edition. Versions 9.13.0 ->
                     9.13.5-W1 of the 9.13 development branch are also
affected.
                     Versions prior to BIND 9.9.0 have not been
evaluated for
                     vulnerability to CVE-2019-6465.
Severity:            Medium
Exploitable:         Remotely

Description:

   Controls for zone transfers may not be properly applied to
   Dynamically Loadable Zones (DLZs) if the zones are writable.

Impact:

   A client exercising this defect can request and receive a zone
   transfer of a DLZ even when not permitted to do so by the
   allow-transfer ACL.

CVSS Score:          5.3
CVSS Vector:         CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

For more information on the Common Vulnerability Scoring System and
to obtain your specific environmental score please visit:
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Workarounds:         None
Active exploits:     None known.

Solution:

   Upgrade to the patched release most closely related to your
   current version of BIND:

   +  BIND 9.11.5-P4
   +  BIND 9.12.3-P4
Comment 2 Marcus Meissner 2019-02-22 06:10:56 UTC 
now public

CVE-2019-6465:                                                                                                                                                                               
   Controls for zone transfers may not be properly applied to                                                                                                                                
   Dynamically Loadable Zones (DLZs) if the zones are writable.                                                                                                                              
   https://kb.isc.org/docs/cve-2019-6465
Comment 4 Alexander Bergmann 2019-04-17 09:36:23 UTC 
Navin, could you please submit for all affected code streams?
Comment 10 Swamp Workflow Management 2019-06-03 19:11:57 UTC 
SUSE-SU-2019:1407-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    bind-9.11.2-12.11.2
SUSE Linux Enterprise Module for Server Applications 15 (src):    bind-9.11.2-12.11.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    bind-9.11.2-12.11.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    bind-9.11.2-12.11.2
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    bind-9.11.2-12.11.2
SUSE Linux Enterprise Module for Basesystem 15 (src):    bind-9.11.2-12.11.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2019-06-06 22:15:10 UTC 
SUSE-SU-2019:14074-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    bind-9.9.6P1-0.51.15.4
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    bind-9.9.6P1-0.51.15.4
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    bind-9.9.6P1-0.51.15.4
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    bind-9.9.6P1-0.51.15.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2019-06-07 16:12:07 UTC 
SUSE-SU-2019:1449-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    bind-9.9.9P1-28.42.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2019-06-10 13:11:57 UTC 
openSUSE-SU-2019:1532-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
openSUSE Leap 42.3 (src):    bind-9.9.9P1-56.1
Comment 14 Swamp Workflow Management 2019-06-10 13:12:50 UTC 
openSUSE-SU-2019:1533-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
openSUSE Leap 15.1 (src):    bind-9.11.2-lp151.11.3.1
openSUSE Leap 15.0 (src):    bind-9.11.2-lp150.8.13.1
Comment 15 Swamp Workflow Management 2019-06-11 13:11:08 UTC 
SUSE-SU-2019:1406-2: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1104129,1126068,1126069,1133185
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465
Sources used:
SUSE CaaS Platform 3.0 (src):    bind-9.9.9P1-63.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2019-10-01 16:21:01 UTC 
SUSE-SU-2019:2502-1: An update that solves 5 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1104129,1118367,1118368,1126068,1126069,1128220,1133185,1138687
CVE References: CVE-2018-5740,CVE-2018-5743,CVE-2018-5745,CVE-2019-6465,CVE-2019-6471
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    bind-9.11.2-3.10.1
SUSE Linux Enterprise Server 12-SP4 (src):    bind-9.11.2-3.10.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    bind-9.11.2-3.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Alexandros Toptsoglou 2020-04-21 16:52:36 UTC 
Done