Bug 1133187 (CVE-2019-6468)

Summary: VUL-0: CVE-2019-6468: bind: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used.
Product: [Novell Products] SUSE Security Incidents
Reporter: Marcus Meissner <meissner>
Component: Incidents
Assignee: Navin Kukreja <navin.kukreja>
Status: RESOLVED UPSTREAM
QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium    
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   

Comment 1 Marcus Meissner 2019-04-25 05:54:50 UTC
https://kb.isc.org/docs/cve-2019-6468


CVE-2019-6468: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used

    Updated on 24 Apr 2019
    Contributors: Michael McNally


CVE: CVE-2019-6468

Document version: 2.0

Posting date: 24 April 2019

Program impacted: BIND

Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected.

Severity: Medium

Exploitable: Remotely

Description:

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure.

Impact:

If nxdomain-redirect is enabled (via configuration) in a vulnerable BIND release, a malicious party can cause BIND to exit by deliberately triggering the bug.

CVSS Score: 5.9

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Workarounds:

Exploitation of this defect can be effectively prevented by disabling the nxdomain-redirect feature in the nameserver's configuration.

Active exploits:

None known.

Solution:

Upgrade to the patched release most closely related to your current version of BIND:

BIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.

    BIND 9.11.5-S6
    BIND 9.11.6-S1

Document revision history:

1.0 Early Notification, 15 April 2019
1.1 Added reference to BIND 9.11.6-S1 in Solution section
2.0 Public Disclosure, 24 April 2019

Comment 2 Marcus Meissner 2019-04-25 05:55:19 UTC
We are not affected as we are not shipping these versions.
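
A defender-side check for the condition the advisory in Comment 1 describes (a Supported Preview Edition release in the affected range with nxdomain-redirect configured), added here as an example; it is not code from ISC, SUSE or this bug report. The function names and the sample configuration are constructed, and it assumes the caller supplies the version string (for example from `named -v`) and the text of named.conf.

```python
import re

# Affected range from the advisory: 9.10.5-S1 -> 9.11.5-S5, "-S" releases only.
FIRST_AFFECTED = (9, 10, 5, 1)
LAST_AFFECTED = (9, 11, 5, 5)

_S_VERSION = re.compile(r"\b(\d+)\.(\d+)\.(\d+)-S(\d+)\b")
# Quoted strings, then the three named.conf comment styles: /* */, //, #
_STRING_OR_COMMENT = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.DOTALL)
_DIRECTIVE = re.compile(r"(?<![\w-])nxdomain-redirect\s+[^;{}]+;")


def version_in_affected_range(version):
    """True only for -S releases between 9.10.5-S1 and 9.11.5-S5 inclusive."""
    m = _S_VERSION.search(version)
    if not m:
        return False  # releases without an -S suffix are not affected
    return FIRST_AFFECTED <= tuple(int(g) for g in m.groups()) <= LAST_AFFECTED


def nxdomain_redirect_enabled(conf_text):
    """True if an uncommented nxdomain-redirect statement is present.

    Limitation: files pulled in with 'include' are not followed.
    """
    def _blank(m):
        # Keep strings as empty quotes so the statement still parses;
        # drop comments so a commented-out directive is not counted.
        return '""' if m.group(0).startswith('"') else " "
    return bool(_DIRECTIVE.search(_STRING_OR_COMMENT.sub(_blank, conf_text)))


def exposed(version, conf_text):
    """Both advisory conditions hold: affected release and feature enabled."""
    return version_in_affected_range(version) and nxdomain_redirect_enabled(conf_text)


# Constructed sample configuration (not taken from the report).
SAMPLE_CONF = '''
options {
    directory "/var/named";
    // nxdomain-redirect "old.example.";
    nxdomain-redirect "redirect.example.";
};
'''

if __name__ == "__main__":
    for v in ("9.11.5-S5", "9.11.5-S6", "9.11.6-S1", "9.11.5"):
        print(v, "exposed" if exposed(v, SAMPLE_CONF) else "not exposed")
```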