RHEL9+, RSASHA1 and CVE-2025-8677
Petr Menšík
pemensik at redhat.com
Fri Nov 7 10:52:11 UTC 2025
Thank you for the testing zone!
Thank you for creating a dedicated testing domain for this, it helped me
to focus on finding the cause of the problem.
Change merged:
9.18: https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/11211
9.20: https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/11210
Fixes are the same for those versions.
There are fixes prepared; our RHEL and CentOS will contain them already.
Extra note: This can be tested even on Fedora with DEFAULT:NO-SHA1
crypto-policy chosen. That is never default, but can be chosen manually.
Other distributions can emulate this with the content
/etc/crypto-policies/back-ends/bind.config has when this is active. That is:
disable-algorithms "." {
    RSAMD5;
    RSASHA1;
    NSEC3RSASHA1;
    DSA;
    NSEC3DSA;
    ECCGOST;
};
disable-ds-digests "." {
    SHA-1;
    GOST;
};
Of course, that can be configured only in named.conf. named -d 3 would
provide output similar to delv +vtrace in the named log.
On 31/10/2025 14:20, Bjørn Mork via bind-users wrote:
> I created an empty test zone demonstrating the issue at test.mork.no
> since I assume Steinar wants to fix globalconnect.no ASAP.
>
> my test is using this policy
>
> dnssec-policy "buggy" {
>     keys {
>         ksk lifetime unlimited algorithm ecdsa256;
>         ksk lifetime unlimited algorithm rsasha1;
>         zsk lifetime unlimited algorithm ecdsa256;
>         zsk lifetime unlimited algorithm rsasha1;
>     };
>     purge-keys 0; // never purge deleted keys
> };
>
> It looks like this on BIND 9.20.15 on Debian:
>
>
> $ dig soa test.mork.no +do +multiline
>
> ; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> soa test.mork.no +do +multiline
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33562
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ; COOKIE: e9034514aa89ecaf010000006904b6fc1d1d21c9dd0f3271 (good)
> ;; QUESTION SECTION:
> ;test.mork.no. IN SOA
>
> ;; ANSWER SECTION:
> test.mork.no. 42706 IN SOA dilbert.mork.no. bjorn.mork.no. (
> 2025103104 ; serial
> 14400 ; refresh (4 hours)
> 3600 ; retry (1 hour)
> 3628800 ; expire (6 weeks)
> 43200 ; minimum (12 hours)
> )
> test.mork.no. 42706 IN RRSIG SOA 5 3 43200 (
> 20251114130703 20251031120703 41785 test.mork.no.
> KCp2cNNGa1WUFamqy1ybKkxynvnuSvms3cWD8d9/TAq2
> XfkUiJxz4ccbZoS0wK3aa0mA1YiKANKlscrjpRkJw/RP
> Qkw7Ci3hiIHlDd50DM2rSh74U7GdABrNUJcGuaKpj8DT
> vNCH4nkJbxHehYhDe3jICVR710t4EHtuUn42tuJpjxLf
> sv8N9oaVcdhv5pHmbgTSIQ3ZdRvgM954M4QPYCGPxYLP
> iUf5rT8jeYw9gpCye5zgpld5kcJHDx9Sgb78y2OXRd+J
> T2blFVgqTioFUQopFzIzGilRA6u4fnJcsItRtOYMNhSm
> 6cGjBpmPrKIW/vzA4K50AqUfsOIPhIeezw== )
> test.mork.no. 42706 IN RRSIG SOA 13 3 43200 (
> 20251114130703 20251031120703 38456 test.mork.no.
> gzbDNH4wWWdDD8WJu7rTW37RwGp+EBkPbiOZYZsOLnnk
> Xm3oILf9dKUjq0T8yEDVqbjV39ZXOknj3ZpgGN3ZnQ== )
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
> ;; WHEN: Fri Oct 31 14:17:48 CET 2025
> ;; MSG SIZE rcvd: 527
>
>
>
>
> And like this on RHEL9 using default crypto policies:
>
> $ dig soa test.mork.no +do +multiline @redacted
>
> ; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> soa test.mork.no +do +multiline @ti0300o830-ipv4.ti.telenor.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35775
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ; COOKIE: eb17c1af58c156fb010000006904b74f39c1351b58c1fde6 (good)
> ;; QUESTION SECTION:
> ;test.mork.no. IN SOA
>
> ;; Query time: 200 msec
> ;; SERVER: redacted#53(redacted) (UDP)
> ;; WHEN: Fri Oct 31 14:19:11 CET 2025
> ;; MSG SIZE rcvd: 69
>
>
>
> Bjørn
>
--
Petr Menšík
Senior Software Engineer, RHEL
Red Hat, https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
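An added example for readers following the thread (it is not code from the thread, from BIND, or from the crypto-policies project): a small Python check that reads the disable-algorithms statements quoted from bind.config above, reads the RRSIG lines from the quoted dig output, and reports which signing algorithms a validator under that policy can still use for the RRset. The bind.config text and the dig answer section are copied from the thread (signature data shortened); the algorithm-number table follows the IANA DNS Security Algorithm Numbers registry, and the function names are my own.

```python
import re

# IANA "DNS Security Algorithm Numbers" -> BIND mnemonic (subset relevant here)
ALGORITHMS = {
    1: "RSAMD5", 3: "DSA", 5: "RSASHA1", 6: "NSEC3DSA", 7: "NSEC3RSASHA1",
    8: "RSASHA256", 10: "RSASHA512", 12: "ECCGOST", 13: "ECDSAP256SHA256",
    14: "ECDSAP384SHA384", 15: "ED25519", 16: "ED448",
}

# Copied from the thread: bind.config content under the DEFAULT:NO-SHA1 policy.
BIND_CONFIG = """
disable-algorithms "." {
    RSAMD5; RSASHA1; NSEC3RSASHA1; DSA; NSEC3DSA; ECCGOST;
};
disable-ds-digests "." {
    SHA-1; GOST;
};
"""

# Copied from the thread (Debian dig run); base64 signature data shortened.
DIG_OUTPUT = """
;; ANSWER SECTION:
test.mork.no. 42706 IN SOA dilbert.mork.no. bjorn.mork.no. (
    2025103104 ; serial
    43200 ; minimum (12 hours)
    )
test.mork.no. 42706 IN RRSIG SOA 5 3 43200 (
    20251114130703 20251031120703 41785 test.mork.no.
    KCp2cNNGa1WU... )
test.mork.no. 42706 IN RRSIG SOA 13 3 43200 (
    20251114130703 20251031120703 38456 test.mork.no.
    gzbDNH4wWWdD... )
"""


def parse_disabled_algorithms(bind_config: str) -> dict:
    """Return {zone: {mnemonic, ...}} from every disable-algorithms statement."""
    disabled = {}
    stmt = re.compile(r'disable-algorithms\s+"([^"]*)"\s*\{([^}]*)\}')
    for zone, body in stmt.findall(bind_config):
        names = {n.strip().upper() for n in body.split(";") if n.strip()}
        disabled.setdefault(zone, set()).update(names)
    return disabled


def parse_rrsig_algorithms(dig_output: str, rrtype: str = "SOA") -> list:
    """Return the algorithm numbers of the RRSIGs covering rrtype, in order."""
    rrsig = re.compile(r"\sIN\s+RRSIG\s+%s\s+(\d+)\s" % re.escape(rrtype))
    return [int(a) for a in rrsig.findall(dig_output)]


def applies_to(zone_policy: str, name: str) -> bool:
    """disable-algorithms for zone Z covers Z and everything below it; "." covers all."""
    if zone_policy == ".":
        return True
    z, n = zone_policy.rstrip(".").lower(), name.rstrip(".").lower()
    return n == z or n.endswith("." + z)


def usable_algorithms(name: str, rrsig_algs: list, disabled: dict) -> list:
    """Drop RRSIG algorithms the validator has disabled for this name."""
    blocked = set()
    for zone, names in disabled.items():
        if applies_to(zone, name):
            blocked |= names
    return [a for a in rrsig_algs if ALGORITHMS.get(a, str(a)) not in blocked]


def check_rrset(name: str, bind_config: str, dig_output: str, rrtype: str = "SOA") -> dict:
    """Summarise which RRSIG algorithms survive the policy for one RRset."""
    disabled = parse_disabled_algorithms(bind_config)
    present = parse_rrsig_algorithms(dig_output, rrtype)
    usable = usable_algorithms(name, present, disabled)
    return {
        "present": [ALGORITHMS.get(a, str(a)) for a in present],
        "usable": [ALGORITHMS.get(a, str(a)) for a in usable],
        "validatable": bool(usable),
    }


if __name__ == "__main__":
    print(check_rrset("test.mork.no.", BIND_CONFIG, DIG_OUTPUT))
```

For the quoted zone the check reports RSASHA1 and ECDSAP256SHA256 present and ECDSAP256SHA256 still usable, so a resolver that merely disables RSASHA1 is left with a signature it can verify. That is the defender's quick sanity check before blaming a zone for a SERVFAIL: if at least one RRSIG algorithm survives the policy, the failure is on the validator side, which is what the merged fixes above address. To run it against live data, replace DIG_OUTPUT with the output of dig +dnssec +multiline and BIND_CONFIG with the actual bind.config of the resolver.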