Bug 1188495 - (CVE-2021-36754) VUL-0: CVE-2021-36754: pdns: Specific query crashes Authoritative Server
(CVE-2021-36754)
VUL-0: CVE-2021-36754: pdns: Specific query crashes Authoritative Server
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/304594/
CVSSv3.1:SUSE:CVE-2021-36754:7.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-07-20 06:22 UTC by Alexander Bergmann
Modified: 2022-03-29 09:40 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 4 Robert Frohl 2021-07-26 14:16:56 UTC
oss-security: 

Hello,

today we have released PowerDNS Authoritative Server 4.5.1, fixing a
remotely triggered crash present in version 4.5.0. No other versions
are affected.

Tarballs and signatures are available at 
https://downloads.powerdns.com/releases/, and a single patch is
available at https://downloads.powerdns.com/patches/2021-01/. However,
4.5.1 contains no other changes.

Please find the full text of the advisory below.

PowerDNS Security Advisory 2021-01: Specific query crashes
Authoritative Server

-  CVE: CVE-2021-36754
-  Date: July 26th, 2021
-  Affects: PowerDNS Authoritative version 4.5.0
-  Not affected: 4.4.x and below, 4.5.1
-  Severity: High
-  Impact: Denial of service
-  Exploit: This problem can be triggered via a specific query packet
-  Risk of system compromise: None
-  Solution: Upgrade to 4.5.1, or filter queries in ``dnsdist``

PowerDNS Authoritative Server 4.5.0 (and the alpha/beta/rc1/rc2
prereleases that came before it) will crash with an uncaught out of
bounds exception if it receives a query with QTYPE 65535. The offending
code was not present in earlier versions, and they are not affected.

Users that cannot upgrade immediately, but do have dnsdist in place,
can use dnsdist to filter such queries before they do harm, with
something like ``addAction(QTypeRule(65535),
RCodeAction(DNSRCode.REFUSED))``.

When the PowerDNS Authoritative Server is run inside a supervisor like
supervisord or systemd, an uncaught exception crash will lead to an
automatic restart, limiting the impact to a somewhat degraded service.

We would like to thank Reinier Schoof and Robin Geuze of TransIP for
noticing crashes in production, immediately letting us know, and
helping us figure out what was happening.

Kind regards,
-- 
Peter van Dijk
Comment 5 OBSbugzilla Bot 2021-07-26 16:10:06 UTC
This is an autogenerated message for OBS integration:
This bug (1188495) was mentioned in
https://build.opensuse.org/request/show/908440 Factory / pdns
Comment 6 Christian Almeida de Oliveira 2021-07-28 10:15:32 UTC
back to security team as it does not affect SOC products, please refer to comment #3
Comment 8 OBSbugzilla Bot 2022-03-29 09:40:19 UTC
This is an autogenerated message for OBS integration:
This bug (1188495) was mentioned in
https://build.opensuse.org/request/show/965583 Backports:SLE-12-SP4 / pdns