Resolution for Bind Security Vulnerability in April, 2017 (CVE-2017-3136, CVE-2017-3137, CVE-2017-3138)
Issue
- CVE-2017-3136: An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;".
- CVE-2017-3137: A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME.
- CVE-2017-3138: named exits with a REQUIRE assertion failure if it receives a null command string on its control channel.
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.