CVE-2017-3145 - OpenCVE

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Juniper	Srx1500 Srx550m Srx3600 Junos Srx320 Srx100 Srx220 Srx4600 Srx210 Srx5400 Srx5800 Srx240h2 Srx300 Srx5000 Srx240 Srx550 Hm Srx4100 Srx4200 Srx345 Srx4000 Srx340 Srx650 Srx1400 Srx5600 Srx240m Srx550 Srx110 Srx380 Srx3400
Redhat	Enterprise Linux Server Tus Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Server Eus
Isc	Bind
Netapp	Data Ontap Edge
Debian	Debian Linux

Configuration 1 [-]

OR	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind:9.9.3:s1::::::
	cpe:2.3:a:isc:bind:9.9.11:s1::::::
	cpe:2.3:a:isc:bind:9.10.5:s1::::::
	cpe:2.3:a:isc:bind:9.10.6:s1::::::
	cpe:2.3:a:isc:bind:9.12.0:alpha1::::::
	cpe:2.3:a:isc:bind:9.12.0:b1::::::
	cpe:2.3:a:isc:bind:9.12.0:b2::::::
	cpe:2.3:a:isc:bind:9.12.0:rc1::::::

Configuration 2 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 4 [-]

cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:juniper:junos:12.1x46-d76:-::::::
	cpe:2.3:o:juniper:junos:12.3x48-d70:-::::::
	cpe:2.3:o:juniper:junos:15.1x49-d140:-::::::
	cpe:2.3:o:juniper:junos:17.4r2:-::::::
	cpe:2.3:o:juniper:junos:18.1r2:-::::::
	cpe:2.3:o:juniper:junos:18.2r1:-::::::

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx240h2:-:::::::*
	cpe:2.3:h:juniper:srx240m:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx380:-:::::::*
	cpe:2.3:h:juniper:srx4000:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx4600:-:::::::*
	cpe:2.3:h:juniper:srx5000:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx550_hm:-:::::::*
	cpe:2.3:h:juniper:srx550m:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/102716	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040195	Broken Link Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:0101	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0102	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0487	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0488	Third Party Advisory
https://kb.isc.org/docs/aa-01542	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20180117-0003/	Third Party Advisory
https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named	Third Party Advisory
https://www.debian.org/security/2018/dsa-4089	Third Party Advisory