In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (*) character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
Weakness
The product does not release or incorrectly releases a resource before it is made available for re-use.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bind | Isc | 9.11.14 (including) | 9.11.19 (including) |
| Bind | Isc | 9.11.14-s1 (including) | 9.11.19-s1 (including) |
| Bind | Isc | 9.14.9 (including) | 9.14.12 (including) |
| Bind | Isc | 9.16.0 (including) | 9.16.3 (including) |
| Red Hat Enterprise Linux 8 | RedHat | bind-32:9.11.20-5.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | bind-32:9.11.20-5.el8 | * |
| Bind9 | Ubuntu | devel | * |
| Bind9 | Ubuntu | esm-infra/focal | * |
| Bind9 | Ubuntu | focal | * |
| Bind9 | Ubuntu | trusty | * |
| Bind9 | Ubuntu | upstream | * |
Potential Mitigations
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/125.html
- https://cwe.mitre.org/data/definitions/130.html
- https://cwe.mitre.org/data/definitions/131.html
- https://cwe.mitre.org/data/definitions/494.html
- https://cwe.mitre.org/data/definitions/495.html
- https://cwe.mitre.org/data/definitions/496.html
- https://cwe.mitre.org/data/definitions/666.html
References
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
- https://kb.isc.org/docs/cve-2020-8619
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/
- https://security.netapp.com/advisory/ntap-20200625-0003/
- https://usn.ubuntu.com/4399-1/
- https://www.debian.org/security/2020/dsa-4752
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
- https://kb.isc.org/docs/cve-2020-8619
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/
- https://security.netapp.com/advisory/ntap-20200625-0003/
- https://usn.ubuntu.com/4399-1/
- https://www.debian.org/security/2020/dsa-4752