CVE-2018-5740
A denial of service flaw was discovered in bind versions that include the "deny-answer-aliases" feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.
Find out more about CVE-2018-5740 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
The "deny-answer-aliases" configuration option is not enabled in default configurations of bind. Upstream states that this option is very rarely used. As such, if customers have not specifically enabled this option in configurations, the risk should be mitigated.
CVSS v3 metrics
| CVSS3 Base Score | 7.5 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity Impact | None |
| Availability Impact | High |
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 7 (bind) | RHSA-2018:2570 | 2018-08-27 |
| Red Hat Enterprise Linux 6 (bind) | RHSA-2018:2571 | 2018-08-27 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Virtualization 4 | bind | Not affected |
| Red Hat Enterprise Linux 5 | bind97 | Will not fix |
| Red Hat Enterprise Linux 5 | bind | Not affected |
Acknowledgements
Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.Mitigation
Disabling the "deny-answer-aliases" configuration option should prevent exploitation.