{"containers":{"cna":{"affected":[{"product":"BIND 9","vendor":"ISC","versions":[{"status":"affected","version":"9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"}]}],"credits":[{"lang":"en","value":"ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."}],"datePublic":"2018-01-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."}],"metrics":[{"cvssV3_0":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137.  Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug.  The known crash is an assertion failure in netaddr.c.","lang":"en","type":"text"}]}],"providerMetadata":{"orgId":"404fd4d2-a609-4245-b543-2c944a302a22","shortName":"isc","dateUpdated":"2023-06-16T16:28:34.033Z"},"references":[{"name":"RHSA-2018:0102","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:0102"},{"name":"RHSA-2018:0487","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:0487"},{"name":"DSA-4089","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2018/dsa-4089"},{"name":"RHSA-2018:0488","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:0488"},{"name":"RHSA-2018:0101","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:0101"},{"name":"1040195","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1040195"},{"tags":["x_refsource_CONFIRM"],"url":"https://kb.isc.org/docs/aa-01542"},{"name":"102716","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/102716"},{"name":"[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20180117-0003/"},{"tags":["vendor-advisory","x_refsource_CONFIRM"],"url":"https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"}],"solutions":[{"lang":"en","value":"Upgrade to the patched release most closely related to your current version of BIND.  These can all be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.9.11-P1\n    BIND 9 version 9.10.6-P1\n    BIND 9 version 9.11.2-P1\n    BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9 version 9.9.11-S2\n    BIND 9 version 9.10.6-S2"}],"source":{"discovery":"UNKNOWN"},"title":"Improper fetch cleanup sequencing in the resolver can cause named to crash","workarounds":[{"lang":"en","value":"If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security-officer@isc.org","DATE_PUBLIC":"2018-01-16T00:00:00.000Z","ID":"CVE-2017-3145","STATE":"PUBLIC","TITLE":"Improper fetch cleanup sequencing in the resolver can cause named to crash"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BIND 9","version":{"version_data":[{"version_value":"9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"}]}}]},"vendor_name":"ISC"}]}},"credit":[{"lang":"eng","value":"ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137.  Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug.  The known crash is an assertion failure in netaddr.c."}]}]},"references":{"reference_data":[{"name":"RHSA-2018:0102","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:0102"},{"name":"RHSA-2018:0487","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:0487"},{"name":"DSA-4089","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4089"},{"name":"RHSA-2018:0488","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:0488"},{"name":"RHSA-2018:0101","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:0101"},{"name":"1040195","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1040195"},{"name":"https://kb.isc.org/docs/aa-01542","refsource":"CONFIRM","url":"https://kb.isc.org/docs/aa-01542"},{"name":"102716","refsource":"BID","url":"http://www.securityfocus.com/bid/102716"},{"name":"[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"},{"name":"https://security.netapp.com/advisory/ntap-20180117-0003/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20180117-0003/"},{"name":"https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named","refsource":"CONFIRM","url":"https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"}]},"solution":[{"lang":"en","value":"Upgrade to the patched release most closely related to your current version of BIND.  These can all be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.9.11-P1\n    BIND 9 version 9.10.6-P1\n    BIND 9 version 9.11.2-P1\n    BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9 version 9.9.11-S2\n    BIND 9 version 9.10.6-S2"}],"source":{"discovery":"UNKNOWN"},"work_around":[{"lang":"en","value":"If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T14:16:28.228Z"},"title":"CVE Program Container","references":[{"name":"RHSA-2018:0102","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:0102"},{"name":"RHSA-2018:0487","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:0487"},{"name":"DSA-4089","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2018/dsa-4089"},{"name":"RHSA-2018:0488","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:0488"},{"name":"RHSA-2018:0101","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:0101"},{"name":"1040195","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1040195"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.isc.org/docs/aa-01542"},{"name":"102716","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/102716"},{"name":"[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20180117-0003/"},{"tags":["vendor-advisory","x_refsource_CONFIRM","x_transferred"],"url":"https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"}]}]},"cveMetadata":{"assignerOrgId":"404fd4d2-a609-4245-b543-2c944a302a22","assignerShortName":"isc","cveId":"CVE-2017-3145","datePublished":"2019-01-16T20:00:00.000Z","dateReserved":"2016-12-02T00:00:00.000Z","dateUpdated":"2024-09-17T00:10:46.349Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}