Bug 1085417 - (CVE-2018-5734) VUL-0: CVE-2018-5734: bind: A malformed request can trigger an assertion failure in badcache.c
(CVE-2018-5734)
VUL-0: CVE-2018-5734: bind: A malformed request can trigger an assertion fail...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Minor
: ---
Assigned To: Navin Kukreja
Security Team bot
https://smash.suse.de/issue/201023/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-15 07:49 UTC by Karol Babioch
Modified: 2018-03-15 07:50 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Karol Babioch 2018-03-15 07:49:04 UTC
rh#1550602

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode.  If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information.

External References:

https://kb.isc.org/article/AA-01562/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1550602
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5734
http://seclists.org/oss-sec/2018/q1/198
http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5734.html
https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
https://kb.isc.org/article/AA-01562/74/CVE-2018-5734
Comment 1 Karol Babioch 2018-03-15 07:50:41 UTC
Only affects versions, which we don't ship: 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2