Denial of service in bind (Alpine package)

1) Denial of service

EUVDB-ID: #VU164

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2016-2775

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause the target service to crash.

The vulnerability exists due to boundary error in BIND. A remote unauthenticated attacker can cause the target BIND server to crash by sending a specially crafted request with a query name and a search list entry that exceeds the maximum allowable length.

Systems using the lightweight resolution protocol via either the 'lwresd' utility or via named using the "lwres" statement in 'named.conf' are affected.

Successful exploitation of this vulnerability may result in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

bind (Alpine package): 9.10.3_p4-r0 - 9.10.4_p1-r1

CPE2.3

• cpe:2.3:o:alpine:bind_alpine_package:9.10.3_p4-r0:*:*:*:*:alpine_linux:*:3.1
• cpe:2.3:o:alpine:bind_alpine_package:9.10.4-r0:*:*:*:*:alpine_linux:*:3.1
• cpe:2.3:o:alpine:bind_alpine_package:9.10.4-r1:*:*:*:*:alpine_linux:*:3.3

External links

https://git.alpinelinux.org/aports/commit/?id=bb1a4b29af1f9310c9bd4e2f626bfc1b56460d01
https://git.alpinelinux.org/aports/commit/?id=30f5720bb217f0bcfd15be8a9dcad04a5654a1c6
https://git.alpinelinux.org/aports/commit/?id=8e686d990b5bbc1aa89b56c79a5554820d3a226f
https://git.alpinelinux.org/aports/commit/?id=0eaed553d50ecb90211565f10b5dab3c050075fc

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.