Allele Security Alert
ASA-2019-00592
Identifier(s)
ASA-2019-00592, CVE-2019-6476
Title
An error in QNAME minimization code can cause BIND to exit with an assertion failure
Vendor(s)
Internet Systems Consortium (ISC)
Product(s)
ISC BIND
Affected version(s)
BIND 9.15.x versions before 9.15.5
BIND 9.14.x versions before 9.14.7
Fixed version(s)
BIND version 9.15.5
BIND version 9.14.7
Proof of concept
Unknown
Description
A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query.
Technical details
Unknown
Credits
Unknown
Reference(s)
CVE-2019-6476: An error in QNAME minimization code can cause BIND to exit with an assertion failure – Security Advisories
https://kb.isc.org/docs/cve-2019-6476
CVE-2019-6476
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6476
CVE-2019-6476
https://nvd.nist.gov/vuln/detail/CVE-2019-6476
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 31, 2019