CVE-2018-5737
MEDIUMBIND 9.12.0-9.12.1 - Reachable Assertion in rbtdb.c via Serve-Stale Feature
Title source: llmDescription
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104236
Vendor Advisory x_refsource_confirm
https://kb.isc.org/docs/aa-01606
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040942
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20180926-0004/
Scores
CVSS v3
5.9
EPSS
0.0119
EPSS Percentile
79.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-617
Status
published
Products (4)
isc/bind
9.12.0
isc/bind
9.12.1
netapp/cloud_backup
netapp/data_ontap_edge
Published
Jan 16, 2019
Tracked Since
Feb 18, 2026