[3.7] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145)
Improper sequencing during cleanup operations of upstream recursion fetch contexts in BIND can lead to a use-after-free error, triggering an assertion failure and crash in named. Affected BIND versions acting as DNSSEC validating resolvers are currently known to crash with an assertion failure in netaddr.c due to this bug.
9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1
bind 9.9.11-P1, bind 9.10.6-P1, bind 9.10.6-S2, bind 9.11.2-P1, bind 9.9.11-S2, bind 9.12.0rc2
(from redmine: issue id 8417, created on 2018-01-25, closed on 2018-02-17)
- parent #8415 (closed)