CVE-2017-3145
Improper fetch cleanup sequencing in the resolver can cause named to crash
In short
BIND's DNS resolver has a flaw in how it cleans up network requests, which can cause the named service to crash. This vulnerability affects multiple versions of BIND and can be triggered by specially crafted DNS queries.
Technical detail
A use-after-free vulnerability exists in BIND's recursive resolver due to improper sequencing of cleanup operations on upstream fetch contexts. An attacker can send crafted DNS queries to trigger an assertion failure and crash the named daemon, affecting BIND versions 9.0.0 through 9.12.0rc1 across multiple release branches.
Summary generated and translated by AI from the official description.
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
ISC · BIND 9
References
https://access.redhat.com/errata/RHSA-2018:0101
https://access.redhat.com/errata/RHSA-2018:0102
https://access.redhat.com/errata/RHSA-2018:0487
https://access.redhat.com/errata/RHSA-2018:0488
https://kb.isc.org/docs/aa-01542
https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html
https://security.netapp.com/advisory/ntap-20180117-0003/
https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named
https://www.debian.org/security/2018/dsa-4089
http://www.securityfocus.com/bid/102716
http://www.securitytracker.com/id/1040195