[3.11] bind: Race condition when discarding malformed packets can cause bind to exit with assertion failure (CVE-2019-6471)
A race condition which may occur when discarding malformed packets can
result in BIND exiting due to a REQUIRE assertion failure in
dispatch.c.
An attacker who can cause a resolver to perform queries which will be
answered by a server which responds with deliberately malformed
answers
can cause named to exit, denying service to clients.
Versions affected:
BIND 9.11.0 ->9.11.7, 9.12.0 ->9.12.4-P1, 9.14.0 ->9.14.2.
Also all releases of the BIND 9.13 development branch and
version 9.15.0 of the BIND 9.15 development branch. BIND Supported
Preview Edition versions 9.11.3-S1 ->9.11.7-S1.
Fixed In Version:
bind 9.11.8, bind 9.12.4-P2, bind 9.14.3, bind 9.15.1
References:
https://kb.isc.org/docs/cve-2019-6471
(from redmine: issue id 10626, created on 2019-06-27)