libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv. BIND 9.10.0-P2 is a security fix release of BIND 9.10 which also includes changes to address GCC optimization issues described in ISC Operational Notification https://kb.isc.org/article/AA-01167. This document summarizes features added or significantly changed since the previous major release, BIND 9.9. Bug fixes since BIND 9.10.0 are also summarized. Changes marked with '**' have been added since the previous release (BIND 9.10.0-P1). Please see the CHANGES file in the source code release for a complete list of all changes. Security - A query specially crafted to exploit a defect in EDNS option processing can cause named to terminate with an assertion failure. This fixes a missing isc_buffer_availablelength check when printing out a packet. [CVE-2014-3859] [RT #36078] ** - A programming error in the prefetch feature could cause named to crash with a "REQUIRE" assertion failure in name.c [CVE-2014-3214] [RT #35899]
Copyright ©2023 Exploitalert.