ISC BIND TKEY Query Out-Of-Bounds Read Information Disclosure Vulnerability
jmoellers at suse.de
Wed Jun 16 09:18:31 UTC 2021
On 10.06.21 11:43, Josef Moellers wrote:
> Some time ago, this vulnerability was disclosed, but I cannot find any
> trace of the fix for this in the latest CHANGES file.
> As I need to backport the fix to older versions, can anyone describe
> where and how this was fixed?
So far, I'm still stuck with this problem of backporting the fix.
I'm assuming that the information is not to be disclosed, so I'll try
and tackle it from a different angle:
How do I send a "TKEY Query" in the first place?
If I can do that, I can follow its path through the code and see where
it may hit any out-of-bounds problems.
Thanks in advance,
SUSE Software Solutions Germany GmbH
(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer
More information about the bind-workers