<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div id="content-header"> <tt>BIND 9 Resolver crashes after logging
an error in query.c<br>
<br>
</tt> </div>
<tt> </tt>
<div id="content-area">
<div id="node-1248" class="node node-type-advisory">
<div class="node-inner">
<div class="content">
<div class="field field-type-text field-field-summary">
<div class="field-items">
<div class="field-item odd"><tt> Summary: Organizations
across the Internet reported crashes interrupting
service on BIND 9 nameservers performing recursive
queries. Affected servers crashed after logging an
error in query.c with the following message:
"INSIST(! dns_rdataset_isassociated(sigrdataset))"
Multiple versions were reported being affected,
including all currently supported release versions
of ISC BIND 9.
ISC is actively investigating the root cause and has
produced patches which prevent the crash. Further
information will be made available soon. </tt></div>
</div>
</div>
<div class="field field-type-text field-field-cve">
<div class="field-items">
<div class="field-item odd">
<div class="field-label-inline-first"><tt> <br>
CVE: </tt><tt><a target="_blank" class="ext
hrefhttp:--cve.mitre.org-cgi-bin-cvename.cgi?name=CVE-2011-4313"
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313">CVE-2011-4313</a></tt></div>
<tt><span class="ext"></span></tt> </div>
</div>
</div>
<div class="field field-type-text
field-field-document-version">
<div class="field-items">
<div class="field-item odd">
<div class="field-label-inline-first"><tt> Document
Version: </tt><tt>1.1<br>
Document URL:
<a class="moz-txt-link-freetext" href="http://www.isc.org/software/bind/advisories/cve-2011-4313">http://www.isc.org/software/bind/advisories/cve-2011-4313</a>
<br>
</tt></div>
<tt> </tt></div>
</div>
</div>
<div class="field field-type-date field-field-date">
<div class="field-items">
<div class="field-item odd">
<div class="field-label-inline-first"><tt> Posting
date: </tt><tt><span class="date-display-single">16
Nov 2011</span></tt></div>
<tt><span class="date-display-single"></span></tt> </div>
</div>
</div>
<div class="field field-type-nodereference
field-field-project">
<div class="field-items">
<div class="field-item odd">
<div class="field-label-inline-first"><tt> Program
Impacted: BIND</tt></div>
</div>
</div>
</div>
<div class="field field-type-text
field-field-versions-affected">
<div class="field-items">
<div class="field-label-inline-first">
<div class="field-label-inline-first"><tt> Versions
affected: </tt><tt>All currently supported
versions of BIND, 9.4-ESV, 9.6-ESV, 9.7.x, 9.8.x </tt>
</div>
<tt>Severity: </tt><tt>Serious </tt></div>
</div>
</div>
<div class="field field-type-text field-field-exploitable">
<div class="field-items">
<div class="field-item odd">
<div class="field-label-inline-first"><tt>
Exploitable: </tt><tt>Remotely<br>
<br>
</tt></div>
<tt> </tt></div>
</div>
</div>
<div class="field field-type-text field-field-description">
<div class="field-label"><tt>Description: </tt></div>
<div class="field-items">
<div class="field-item odd"><tt> An as-yet unidentified
network event caused BIND 9 resolvers to cache an
invalid record, subsequent queries for which could
crash the resolvers with an assertion failure. ISC
is working on determining the ultimate cause by
which a record with this particular inconsistency is
cached.At this time we are making available a patch
which makes named recover gracefully from the
inconsistency, preventing the abnormal exit. <br>
<br>
The patch has two components. When a client query is
handled, the code which processes the response to
the client has to ask the cache for the records for
the name that is being queried. The first component
of the patch prevents the cache from returning the
inconsistent data. The second component prevents
named from crashing if it detects that it has been
given an inconsistent answer of this nature.<br>
<br>
<strong>CVSS Score: 7.8<br>
<br>
CVSS Equation: </strong></tt><tt>(AV:N/AC:L/Au:N/C:N/I:N/A:C)</tt><tt><strong></strong>
<br>
<br>
</tt> </div>
</div>
</div>
<div class="field field-type-text field-field-workarounds">
<div class="field-label"><tt>Workarounds: </tt></div>
<div class="field-items">
<div class="field-item odd"><tt> No workarounds are
known. The solution is to upgrade. Upgrade BIND to
one of the following patched versions: BIND
9.8.1-P1, 9.7.4-P1, 9.6-ESV-R5-P1, 9.4-ESV-R5-P1<br>
<br>
</tt> </div>
</div>
</div>
<div class="field field-type-text field-field-exploits">
<div class="field-label"><tt>Active exploits: </tt></div>
<div class="field-items">
<div class="field-item odd"><tt> Under investigation<br>
<br>
</tt></div>
</div>
</div>
<div class="field field-type-text field-field-solution">
<div class="field-label"><tt>Solution: </tt></div>
<div class="field-items">
<div class="field-item odd"><tt> Patches mitigating the
issue are available at: <br>
<a
class="hrefhttps:--www.isc.org-software-bind-981-p1"
href="https://www.isc.org/software/bind/981-p1"
title="https://www.isc.org/software/bind/981-p1">https://www.isc.org/software/bind/981-p1</a><br>
<a
class="hrefhttps:--www.isc.org-software-bind-974-p1"
href="https://www.isc.org/software/bind/974-p1"
title="https://www.isc.org/software/bind/974-p1">https://www.isc.org/software/bind/974-p1</a><br>
<a
class="hrefhttps:--www.isc.org-software-bind-96-esv-r5-p1"
href="https://www.isc.org/software/bind/96-esv-r5-p1"
title="https://www.isc.org/software/bind/96-esv-r5-p1">https://www.isc.org/software/bind/96-esv-r5-p1</a><br>
<a
class="hrefhttps:--www.isc.org-software-bind-94-esv-r5-p1"
href="https://www.isc.org/software/bind/94-esv-r5-p1"
title="https://www.isc.org/software/bind/94-esv-r5-p1">https://www.isc.org/software/bind/94-esv-r5-p1</a><br>
<br>
</tt> </div>
</div>
</div>
<div class="field field-type-text field-field-notes">
<div class="field-items">
<div class="field-item odd"><tt> ISC is receiving
multiple reports and working with multiple customers
on this issue. Please E-mail all questions, packet
captures, and details to <a class="mailto
hrefmailto:security-officer@isc.org"
href="mailto:security-officer@isc.org">security-officer@isc.org</a><br>
<span class="mailto"></span> <br>
We very much appreciate all reports received on this
issue.<br>
<br>
</tt> </div>
</div>
</div>
<div class="field field-type-text
field-field-releated-document">
<div class="field-label"><tt>Related Documents: </tt></div>
<div class="field-items">
<div class="field-item odd"><tt> Do you have Questions?
Questions regarding this advisory should go to <a
class="mailto hrefmailto:security-officer@isc.org"
href="mailto:security-officer@isc.org">security-officer@isc.org</a><span
class="mailto"></span>.<br>
<br>
ISC Security Vulnerability Disclosure Policy:
Details of our current security advisory policy and
practice can be found here: <a
class="hrefhttps:--www.isc.org-security-vulnerability-disclosure-policy"
href="https://www.isc.org/security-vulnerability-disclosure-policy"
title="https://www.isc.org/security-vulnerability-disclosure-policy">https://www.isc.org/security-vulnerability-disclosure-policy</a><br>
<br>
</tt> </div>
</div>
</div>
<div class="field field-type-text field-field-legal">
<div class="field-label"><tt>Legal Disclaimer: <br>
</tt></div>
<div class="field-items">
<div class="field-item odd"><tt> Internet Systems
Consortium (ISC) is providing this notice on an "AS
IS" basis. No warranty or guarantee of any kind is
expressed in this notice and none should be implied.
ISC expressly excludes and disclaims any warranties
regarding this notice or materials referred to in
this notice, including, without limitation, any
implied warranty of merchantability, fitness for a
particular purpose, absence of hidden defects, or of
non-infringement. Your use or reliance on this
notice or materials referred to in this notice is at
your own risk. ISC may change this notice at any
time.<br>
<br>
A stand-alone copy or paraphrase of the text of this
document that omits the document URL is an
uncontrolled copy. Uncontrolled copies may lack
important information, be out of date, or contain
factual errors. </tt> </div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>