
Bug 395287 (CVE-2011-4528)

Summary: <net-dns/unbound-1.4.13_p2: Two Denial of Service Vulnerabilities (CVE-2011-{4528,4869})
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Runpath Issues
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: matsuu, nabeken, proxy-maint, radhermit
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://secunia.com/advisories/47220/
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2011-12-19 17:51:58 UTC
From Secunia security advisory at $URL:

Description:
1) A memory allocation error when processing certain RRs (Resource Records) can be exploited to cause a crash by sending signed duplicate redirecting RRs.

2) An error when processing certain responses for NSEC3-signed zones can be exploited to e.g. cause an assertion error or crash by sending specially crafted responses.

The vulnerabilities are reported in versions prior to 1.4.14.


Solution:
Update to version 1.4.13p2 and 1.4.14 or apply patches.
Comment 1 TANABE Ken-ichi 2011-12-20 14:25:19 UTC
I submitted unbound-1.4.13_p2.ebuild to matsuu@. It is already in CVS; please mark stable =net-dns/unbound-1.4.13_p2.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-12-20 14:31:06 UTC
Great, thank you.

Arches, please test and mark stable:
=net-dns/unbound-1.4.13_p2
Target keywords : "amd64 x86"
Comment 3 Agostino Sarubbo gentoo-dev 2011-12-20 14:37:53 UTC
amd64 stable
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2011-12-29 13:11:35 UTC
CVE-2011-4869 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4869):
  validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform
  proof processing for NSEC3-signed zones, which allows remote DNS servers to
  cause a denial of service (daemon crash) via a malformed response that lacks
  expected NSEC3 records, a different vulnerability than CVE-2011-4528.

CVE-2011-4528 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4528):
  Unbound before 1.4.13p2 attempts to free unallocated memory during
  processing of duplicate CNAME records in a signed zone, which allows remote
  DNS servers to cause a denial of service (daemon crash) via a crafted
  response.
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-01-04 17:40:14 UTC
x86 stable
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2012-01-04 17:42:49 UTC
Thanks, folks. GLSA Vote: yes.
Comment 7 Stefan Behte (RETIRED) gentoo-dev Security 2012-03-06 01:22:15 UTC
Vote: Yes. GLSA request added.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-11-28 08:35:03 UTC
This issue was resolved and addressed in
 GLSA 201311-18 at http://security.gentoo.org/glsa/glsa-201311-18.xml
by GLSA coordinator Sergey Popov (pinkbyte).