Vulnerability Description
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Isc | Bind | 9.9.3 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.3 |
| Redhat | Enterprise Linux Server Eus | 7.3 |
| Redhat | Enterprise Linux Server Tus | 7.3 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Netapp | Data Ontap Edge | - |
| Netapp | Element Software Management Node | - |
| Debian | Debian Linux | 8.0 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2017-0276.htmlThird Party Advisory
- http://www.securityfocus.com/bid/96150Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037801Third Party AdvisoryVDB Entry
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_naThird Party Advisory
- https://kb.isc.org/docs/aa-01453Vendor Advisory
- https://security.gentoo.org/glsa/201708-01Third Party Advisory
- https://security.netapp.com/advisory/ntap-20180926-0005/Third Party Advisory
- https://www.debian.org/security/2017/dsa-3795Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0276.htmlThird Party Advisory
- http://www.securityfocus.com/bid/96150Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037801Third Party AdvisoryVDB Entry
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_naThird Party Advisory
- https://kb.isc.org/docs/aa-01453Vendor Advisory
- https://security.gentoo.org/glsa/201708-01Third Party Advisory
- https://security.netapp.com/advisory/ntap-20180926-0005/Third Party Advisory
FAQ
What is CVE-2017-3135?
CVE-2017-3135 is a vulnerability with a CVSS score of 7.5 (HIGH). Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read...
How severe is CVE-2017-3135?
CVE-2017-3135 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3135?
Check the references section above for vendor advisories and patch information. Affected products include: Isc Bind, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.