[3.5] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145)
Improper sequencing during cleanup operations of upstream recursion fetch contexts in BIND can lead to a use-after-free error, triggering an assertion failure and crash in named. Affected BIND versions acting as DNSSEC validating resolvers are currently known to crash with an assertion failure in netaddr.c due to this bug.
Affected versions:
9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1
Fixed In:
bind 9.9.11-P1, bind 9.10.6-P1, bind 9.10.6-S2, bind 9.11.2-P1, bind 9.9.11-S2, bind 9.12.0rc2
References:
https://kb.isc.org/article/AA-01542
(from redmine: issue id 8419, created on 2018-01-25, closed on 2018-02-17)
- Relations:
- parent #8415 (closed)
- Changesets:
- Revision 1bc9533e on 2018-02-08T08:38:18Z:
main/bind: security upgrade to 9.10.6-P1 (CVE-2017-3145)
Fixes #8419