CVE-2019-6477 – TCP-pipelined queries can bypass tcp-clients limit
https://notcve.org/view.php?id=CVE-2019-6477
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem). Con pipelining habilitada, cada consulta entrante en una conexión TCP requiere una asignación de recursos similar a una consulta recibida por medio de UDP o TCP sin pipelining habilitada. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2019-6477 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN https://support.f5.com/csp/article/K15840535?utm_source=f5support&%3Butm_medium=RSS http • CWE-400: Uncontrolled Resource Consumption •
CVE-2019-6471 – A race condition when discarding malformed packets can cause BIND to exit with an assertion failure
https://notcve.org/view.php?id=CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. Una condición de carrera que puede presentarse al descartar paquetes malformados puede provocar la salida de BIND debido a un fallo de aserción de REQUIRE en el archivo dispatch.c. Versiones afectadas: BIND 9.11.0 hasta 9.11.7, 9.12.0 hasta 9.12.4-P1, 9.14.0 hasta 9.14.2. • https://kb.isc.org/docs/cve-2019-6471 https://support.f5.com/csp/article/K10092301?utm_source=f5support&%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2019-6471 https://bugzilla.redhat.com/show_bug.cgi?id=1721780 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •
CVE-2018-5743 – Limiting simultaneous TCP clients was ineffective
https://notcve.org/view.php?id=CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. • https://kb.isc.org/docs/cve-2018-5743 https://support.f5.com/csp/article/K74009656?utm_source=f5support&%3Butm_medium=RSS https://www.synology.com/security/advisory/Synology_SA_19_20 https://access.redhat.com/security/cve/CVE-2018-5743 https://bugzilla.redhat.com/show_bug.cgi?id=1702541 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-6465 – Zone transfer controls for writable DLZ zones were not effective
https://notcve.org/view.php?id=CVE-2019-6465
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465. Los controles para las transferencias de zona pueden no ser aplicados correctamente en Dynamically Loadable Zones (DLZs) si las zonas son grabables. Versiones afectadas: BIND 9.9.0 hasta 9.10.8-P1, 9.11.0 hasta 9.11.5-P2, 9.12.0 hasta 9.12.3-P2, y versiones 9.9.3-S1 hasta 9.11.5-S3 de BIND 9 Supported Preview Edition. • https://access.redhat.com/errata/RHSA-2019:3552 https://kb.isc.org/docs/cve-2019-6465 https://access.redhat.com/security/cve/CVE-2019-6465 https://bugzilla.redhat.com/show_bug.cgi?id=1679304 • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2018-5745 – An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
https://notcve.org/view.php?id=CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745. • https://access.redhat.com/errata/RHSA-2019:3552 https://kb.isc.org/docs/cve-2018-5745 https://access.redhat.com/security/cve/CVE-2018-5745 https://bugzilla.redhat.com/show_bug.cgi?id=1679303 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-617: Reachable Assertion •