CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.5:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-01-16 20:29

Updated : 2024-02-28 16:48


NVD link : CVE-2017-3135

Mitre link : CVE-2017-3135

CVE.ORG link : CVE-2017-3135


JSON object : View

Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_server_eus
  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_server_tus
  • enterprise_linux_workstation

netapp

  • data_ontap_edge
  • element_software_management_node

isc

  • bind

debian

  • debian_linux
CWE
CWE-476

NULL Pointer Dereference