RHEL9+, RSASHA1 and CVE-2025-8677

Petr Menšík pemensik at redhat.com
Fri Oct 31 17:26:51 UTC 2025 

Thank you!

Yes, I think this slipped untested and is present not only in 9.20, but 
also in 9.18 I just built.

Thank you for quick testing domain!

Yes, this passed on previous delv +vtrace test.mork.no., but fails with 
fresh fixes applied.

This is unintentional regression. There are many tests, but none of them 
tries combination of supported and unsupported together. I think dual 
signing is rare in DNSSEC, but maybe not so much.

Additional pity is inability to test this with delv tool on system where 
RSA1 is not disabled. It needs crypto library refusing try SHA1, which 
for example is not implemented on Fedora the same way. Disabling by 
configuration file is supported only in named, where it is not so simple 
to debug.

This is even bigger problem on RHEL10, where DEFAULT:SHA1 is not 
provided anymore. This is not trivially testable on rootcanary.org test.

So yes, our fixes will be delayed a bit. We want this fixed before 
releasing our fixed builds.

Cheers,
Petr

On 31/10/2025 14:20, Bjørn Mork via bind-users wrote:
> I created an empty test zone demonstrating the issue at test.mork.no
> since I assume Steinar want to fix globalconnect.no ASAP.
>
> my test is using this policy
>
> dnssec-policy "buggy" {
>          keys {
>                  ksk lifetime unlimited algorithm ecdsa256;
>                  ksk lifetime unlimited algorithm rsasha1;
>                  zsk lifetime unlimited algorithm ecdsa256;
>                  zsk lifetime unlimited algorithm rsasha1;
>          };
>          purge-keys 0;   // never purge deleted keys
> };
>
> It looks like this on BIND 9.20.15 on Debian:
>
>
> $ dig soa test.mork.no +do +multiline
>   
> ; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> soa test.mork.no +do +multiline
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33562
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
>   
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ; COOKIE: e9034514aa89ecaf010000006904b6fc1d1d21c9dd0f3271 (good)
> ;; QUESTION SECTION:
> ;test.mork.no.          IN SOA
>   
> ;; ANSWER SECTION:
> test.mork.no.           42706 IN SOA dilbert.mork.no. bjorn.mork.no. (
>                                  2025103104 ; serial
>                                  14400      ; refresh (4 hours)
>                                  3600       ; retry (1 hour)
>                                  3628800    ; expire (6 weeks)
>                                  43200      ; minimum (12 hours)
>                                  )
> test.mork.no.           42706 IN RRSIG SOA 5 3 43200 (
>                                  20251114130703 20251031120703 41785 test.mork.no.
>                                  KCp2cNNGa1WUFamqy1ybKkxynvnuSvms3cWD8d9/TAq2
>                                  XfkUiJxz4ccbZoS0wK3aa0mA1YiKANKlscrjpRkJw/RP
>                                  Qkw7Ci3hiIHlDd50DM2rSh74U7GdABrNUJcGuaKpj8DT
>                                  vNCH4nkJbxHehYhDe3jICVR710t4EHtuUn42tuJpjxLf
>                                  sv8N9oaVcdhv5pHmbgTSIQ3ZdRvgM954M4QPYCGPxYLP
>                                  iUf5rT8jeYw9gpCye5zgpld5kcJHDx9Sgb78y2OXRd+J
>                                  T2blFVgqTioFUQopFzIzGilRA6u4fnJcsItRtOYMNhSm
>                                  6cGjBpmPrKIW/vzA4K50AqUfsOIPhIeezw== )
> test.mork.no.           42706 IN RRSIG SOA 13 3 43200 (
>                                  20251114130703 20251031120703 38456 test.mork.no.
>                                  gzbDNH4wWWdDD8WJu7rTW37RwGp+EBkPbiOZYZsOLnnk
>                                  Xm3oILf9dKUjq0T8yEDVqbjV39ZXOknj3ZpgGN3ZnQ== )
>   
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
> ;; WHEN: Fri Oct 31 14:17:48 CET 2025
> ;; MSG SIZE  rcvd: 527
>   
>
>
>
> And like this on RHEL9 using default crypto policies:
>
> $ dig soa test.mork.no +do +multiline @redacted
>   
> ; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> soa test.mork.no +do +multiline @ti0300o830-ipv4.ti.telenor.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35775
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>   
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ; COOKIE: eb17c1af58c156fb010000006904b74f39c1351b58c1fde6 (good)
> ;; QUESTION SECTION:
> ;test.mork.no.          IN SOA
>   
> ;; Query time: 200 msec
> ;; SERVER: redacted#53(redacted) (UDP)
> ;; WHEN: Fri Oct 31 14:19:11 CET 2025
> ;; MSG SIZE  rcvd: 69
>   
>
>
> Bjørn
>   

-- 
Petr Menšík
Senior Software Engineer, RHEL
Red Hat,https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20251031/7d57d569/attachment-0001.htm>

More information about the bind-users mailing list