Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2017-0276.html | Third Party Advisory |
http://www.securityfocus.com/bid/96150 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1037801 | Third Party Advisory VDB Entry |
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us | Third Party Advisory |
https://kb.isc.org/docs/aa-01453 | Vendor Advisory |
https://security.gentoo.org/glsa/201708-01 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20180926-0005/ | Third Party Advisory |
https://www.debian.org/security/2017/dsa-3795 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2019-01-16 20:29
Updated : 2024-02-28 16:48
NVD link : CVE-2017-3135
Mitre link : CVE-2017-3135
CVE.ORG link : CVE-2017-3135
JSON object : View
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_workstation
netapp
- data_ontap_edge
- element_software_management_node
isc
- bind
debian
- debian_linux
CWE
CWE-476
NULL Pointer Dereference