BIND Supported Preview Edition can exit with an assertion failure if ECS is in use

CVE-2019-6469

5.9MEDIUM

Key Information

Vendor: Isc
Status: Bind 9 Supported Preview Edition
Vendor: CVE Published:; 29 May 2019

Summary

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

Affected Version(s)

BIND 9 Supported Preview Edition BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

References

https://kb.isc.org/docs/cve-2019-6469

x_refsource_CONFIRM

https://support.f5.com/csp/article/K39751401?utm_source=f...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 29, 2019
Vulnerability Reserved
Jan 16, 2019

Collectors

NVD DatabaseMitre Database

Credit

ISC would like to thank Quad9 for reporting this issue.