FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

BIND -- multiple vulnerabilities

Affected packages
bind912 < 9.12.1P2

Details

VuXML ID 94599fe0-5ca3-11e8-8be1-d05099c0ae8c
Discovery 2018-05-18
Entry 2018-05-21

ISC reports:

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession.

A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging.

References

CVE Name CVE-2018-5736
CVE Name CVE-2018-5737
URL https://kb.isc.org/article/AA-01602
URL https://kb.isc.org/article/AA-01606