BIND Supported Preview Edition can exit with an assertion failure if ECS is in use

CVE-2019-6469

5.9MEDIUM

Key Information

Vendor: Isc
Status: Bind 9 Supported Preview Edition
Vendor: CVE Published:; 29 May 2019

Summary

An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

Affected Version(s)

BIND 9 Supported Preview Edition = BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 7.5 to: 5.9 - (MEDIUM)
Feb 22, 2024
Vulnerability published.
May 29, 2019
Vulnerability Reserved.
Jan 16, 2019

Collectors

NVD DatabaseMitre Database

Credit

ISC would like to thank Quad9 for reporting this issue.