ISC BIND TKEY Query Out-Of-Bounds Read Information Disclosure Vulnerability

Josef Moellers jmoellers at suse.de
Thu Jun 10 10:00:47 UTC 2021


Hello Peter,

On 10.06.21 11:57, Peter Davies wrote:
> Hi Josef,
>   Was it Hi Josef,
>   Was it "CVE-2020-8622: A truncated TSIG response can lead to an
> assertion failure" you were thinking of?

No. As far as I know, no CVE# has yet been assigned. The vulnerability
was discovered by the Zero Day Initiative:
https://www.zerodayinitiative.com/advisories/ZDI-21-502/

They write that is has been fixed in 9.11.31 and 9.16.15 and this it was
definitely present in 9.16.13. I am currently searching for what may be
the fix but the code is pretty complex ...

Thanks,

Josef
>  
> https://kb.isc.org/docs/cve-2020-8622?highlight=%20%20CVE:%20%20%20CVE-2020-8622%20%20%20%20Document%20version:%20%202.0%20%20%20Posting%20date:%20%2020%20August%202020%20%20%20Program%20impacted:%20%20%20BIND%20%20%20%20Versions%20affected:%20%20BIND%209.0.0%20->%209.11.21,%209.12.0%20->%209.16.5
> <https://kb.isc.org/docs/cve-2020-8622?highlight=%20%20CVE:%20%20%20CVE-2020-8622%20%20%20%20Document%20version:%20%202.0%20%20%20Posting%20date:%20%2020%20August%202020%20%20%20Program%20impacted:%20%20%20BIND%20%20%20%20Versions%20affected:%20%20BIND%209.0.0%20->%209.11.21,%209.12.0%20->%209.16.5>
> <https://kb.isc.org/docs/cve-2020-8622?highlight=%20%20CVE:%20%20%20CVE-2020-8622%20%20%20%20Document%20version:%20%202.0%20%20%20Posting%20date:%20%2020%20August%202020%20%20%20Program%20impacted:%20%20%20BIND%20%20%20%20Versions%20affected:%20%20BIND%209.0.0%20->%209.11.21,%209.12.0%20->%209.16.5>
> 	
> CVE-2020-8622: A truncated TSIG response can lead to an assertion
> failure - Security Advisories
> <https://kb.isc.org/docs/cve-2020-8622?highlight=%20%20CVE:%20%20%20CVE-2020-8622%20%20%20%20Document%20version:%20%202.0%20%20%20Posting%20date:%20%2020%20August%202020%20%20%20Program%20impacted:%20%20%20BIND%20%20%20%20Versions%20affected:%20%20BIND%209.0.0%20->%209.11.21,%209.12.0%20->%209.16.5>
> kb.isc.org
> 
> //
> 
> Kind Regards Peter
> Sent from Outlook <http://aka.ms/weboutlook>
> ------------------------------------------------------------------------
> *From:* bind-workers <bind-workers-bounces at lists.isc.org> on behalf of
> Josef Moellers <jmoellers at suse.de>
> *Sent:* 10 June 2021 11:43
> *To:* bind-workers at lists.isc.org <bind-workers at lists.isc.org>
> *Subject:* ISC BIND TKEY Query Out-Of-Bounds Read Information Disclosure
> Vulnerability
>  
> Hi,
> 
> Some time ago, this vulnerability was disclosed, but I cannot find any
> trace of the fix for this in the latest CHANGES file.
> 
> As I need to backport the fix to older versions, can anyone describe
> where and how this was fixed?
> 
> Thanks and ... stay safe!
> 
> Josef
> 
> -- 
> SUSE Software Solutions Germany GmbH
> Maxfeldstr. 5
> 90409 Nürnberg
> Germany
> 
> (HRB 36809, AG Nürnberg)
> Geschäftsführer: Felix Imendörffer
> 
> _______________________________________________
> bind-workers mailing list
> bind-workers at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-workers
> <https://lists.isc.org/mailman/listinfo/bind-workers>


-- 
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany

(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer


More information about the bind-workers mailing list