CVE-2019-6467

Published: 24 April 2019

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
bind9
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1:9.11.3+dfsg-1ubuntu1.5)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1:9.10.3.dfsg.P4-8ubuntu1.12)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1:9.9.5.dfsg-3ubuntu0.19)