Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 691086 (CVE-2019-10203) - <net-dns/pdns-4.1.11: Denial of Service via crafted zone records (CVE-2019-10203)
Summary: <net-dns/pdns-4.1.11: Denial of Service via crafted zone records (CVE-2019-10...
Status: RESOLVED FIXED
Alias: CVE-2019-10203
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://doc.powerdns.com/authoritativ...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-30 19:37 UTC by Sven Wegener
Modified: 2019-08-10 21:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sven Wegener gentoo-dev 2019-07-30 19:37:13 UTC
From $URL:

PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records

CVE: CVE-2019-10203
Date: July 30th, 2019
Affects: PowerDNS Authoritative 4.0.0 and up, when using the gpgsql (PostgreSQL) backend
Not affected: 4.2.0, 4.1.11, 4.0.9
Severity: Low
Impact: Denial of Service
Exploit: This problem can be triggered via crafted records
Risk of system compromise: No
Solution: Update the database schema
Workaround: run the process inside the guardian or inside a supervisor
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it tries to store the notified serial in the PostgreSQL database, if this serial cannot be represented in 31 bits.

This issue has been assigned CVE-2019-10203.

PowerDNS Authoritative up to and including 4.1.10 is affected. Please note that at the time of writing, PowerDNS Authoritative 3.4 and below are no longer supported, as described in https://doc.powerdns.com/authoritative/appendices/EOL.html.

To fix the issue, run the following command against your PostgreSQL pdns database: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END;. No software changes are required.
Comment 1 Sven Wegener gentoo-dev 2019-07-30 19:45:25 UTC
There is no 4.1.11 release tarball yet, but the security issue needs to be fixed manually in the database by our users.
Upstream and our default configuration does not run the server with a guardian process.
Comment 2 Larry the Git Cow gentoo-dev 2019-08-01 13:59:07 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1604747b397cebd0842f6763d5b417a2c86782ee

commit 1604747b397cebd0842f6763d5b417a2c86782ee
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2019-08-01 13:57:37 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2019-08-01 13:58:57 +0000

    net-dns/pdns: Version bump to 4.1.11, security bug #691086
    
    Bug: https://bugs.gentoo.org/691086
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Sven Wegener <swegener@gentoo.org>

 net-dns/pdns/Manifest           |   1 +
 net-dns/pdns/pdns-4.1.11.ebuild | 157 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 158 insertions(+)
Comment 3 Larry the Git Cow gentoo-dev 2019-08-06 11:59:26 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=90b5f0aae66c4441c60b8e7d0877a9058546e6c9

commit 90b5f0aae66c4441c60b8e7d0877a9058546e6c9
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2019-08-06 11:58:26 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2019-08-06 11:59:17 +0000

    net-dns/pdns: Stable on amd64/x86, security bug #691086
    
    Bug: https://bugs.gentoo.org/691086
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Sven Wegener <swegener@gentoo.org>

 net-dns/pdns/pdns-4.1.11-r1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 4 Larry the Git Cow gentoo-dev 2019-08-07 18:59:49 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b735f4fe5818d70ab95d1148bf17668a65f1c32

commit 8b735f4fe5818d70ab95d1148bf17668a65f1c32
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2019-08-07 18:59:05 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2019-08-07 18:59:42 +0000

    net-dns/pdns: Cleanup
    
    Bug: https://bugs.gentoo.org/691086
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Sven Wegener <swegener@gentoo.org>

 net-dns/pdns/Manifest           |   1 -
 net-dns/pdns/pdns-4.1.10.ebuild | 157 ----------------------------------------
 2 files changed, 158 deletions(-)