671982 – (CVE-2018-16855) <net-dns/pdns-recursor-4.1.8: crafted query can cause a denial of service (CVE-2018-16855)

Bug 671982 (CVE-2018-16855) - <net-dns/pdns-recursor-4.1.8: crafted query can cause a denial of service (CVE-2018-16855)

Summary: <net-dns/pdns-recursor-4.1.8: crafted query can cause a denial of service (CV...

Status:	RESOLVED FIXED

Alias:	CVE-2018-16855

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://doc.powerdns.com/recursor/sec...
Whiteboard:	B3 [noglsa cve]
Keywords:

Depends on:
Blocks:

Reported:	2018-11-26 16:34 UTC by Sven Wegener
Modified:	2018-11-28 07:05 UTC (History)
CC List:	1 user (show)

See Also:
Package list:	net-dns/pdns-recursor-4.1.8
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sven Wegener gentoo-dev

2018-11-26 16:34:16 UTC

From $URL:

An issue has been found in PowerDNS Recursor where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.

This issue has been assigned CVE-2018-16855 by Red Hat.

When the PowerDNS Recursor is run inside a supervisor like supervisord or systemd, a crash will lead to an automatic restart, limiting the impact to a somewhat degraded service.

PowerDNS Recursor from 4.1.0 up to and including 4.1.7 is affected.

Comment 1 Larry the Git Cow gentoo-dev

2018-11-26 16:40:33 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca96ad2e887d64febee4984ace90b04daa805979

commit ca96ad2e887d64febee4984ace90b04daa805979
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2018-11-26 16:39:31 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2018-11-26 16:40:14 +0000

    net-dns/pdns-recursor: Version bump, security bug #671982
    
    Bug: https://bugs.gentoo.org/671982
    Signed-off-by: Sven Wegener <swegener@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 net-dns/pdns-recursor/Manifest                   |  1 +
 net-dns/pdns-recursor/pdns-recursor-4.1.8.ebuild | 78 ++++++++++++++++++++++++
 2 files changed, 79 insertions(+)

Comment 2 Sven Wegener gentoo-dev

2018-11-26 19:37:03 UTC

Looks good to go stable, the security fix is the only change since 4.1.7.

Comment 3 Larry the Git Cow gentoo-dev

2018-11-27 20:21:17 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f4e9dc240bc6fc93d62b27b9f6c5335600b0eb0

commit 5f4e9dc240bc6fc93d62b27b9f6c5335600b0eb0
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2018-11-27 20:17:48 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2018-11-27 20:20:37 +0000

    net-dns/pdns-recursor: Stable on am64/x86, bug #671982
    
    Bug: https://bugs.gentoo.org/671982
    Signed-off-by: Sven Wegener <swegener@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 net-dns/pdns-recursor/pdns-recursor-4.1.8.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 4 Aaron Bauman (RETIRED) gentoo-dev

2018-11-27 22:28:01 UTC

GLSA Vote: No

@maintainer, please clean vulnerable.

Comment 5 Sven Wegener gentoo-dev

2018-11-28 06:47:18 UTC

cleanup done

Comment 6 Aaron Bauman (RETIRED) gentoo-dev

2018-11-28 07:05:18 UTC

(In reply to Sven Wegener from comment #5)
> cleanup done

Thank you, Sven!