Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 746923 (CVE-2020-25829)

Summary: <net-dns/pdns-recursor-4.3.5: cache pollution (CVE-2020-25829)
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: swegener
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html
Whiteboard: B3 [glsa+ cve]
Package list:
net-dns/pdns-recursor-4.3.5
 Runtime testing required: ---
Bug Depends on: 749146    
Bug Blocks:    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2020-10-06 15:09:01 UTC 
Incoming details.
Comment 1 Sven Wegener gentoo-dev 2020-10-08 20:49:21 UTC 
I received the information and will be doing the bump on Tuesday.
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2020-10-13 11:52:08 UTC 
PowerDNS Security Advisory 2020-07: Cache pollution
===================================================
CVE: CVE-2020-25829

Date: 13th of October 2020

Affects: PowerDNS Recursor up to and including 4.3.4, 4.2.4 and 4.1.17

Not affected: 4.3.5, 4.2.5, 4.1.18

Severity: High

Impact: Denial of service

Exploit: This problem can be triggered by sending DNS queries

Risk of system compromise: No

Solution: Upgrade to a non-affected version

Workaround: Filter ANY queries to prevent them from reaching the recursor.

An issue has been found in PowerDNS Recursor where a remote attacker can cause the cached records for a given name to be updated to the ‘Bogus’ DNSSEC validation state, instead of their actual DNSSEC ‘Secure’ state, via a DNS ANY query. This results in a denial of service for installations that always validate (dnssec=validate) and for clients requesting validation when on-demand validation is enabled (dnssec=process).
Comment 4 Sven Wegener gentoo-dev 2020-10-13 13:32:53 UTC 
I've committed 4.3.5 to the tree, but the automated bug reference from the commit message didn't make it here due to the access restriction.
Comment 6 Agostino Sarubbo gentoo-dev 2020-10-14 19:08:59 UTC 
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2020-10-14 19:23:09 UTC 
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Larry the Git Cow gentoo-dev 2020-10-17 09:23:35 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=edf1122e56fa58755f0da35606bbac283bf1bd30

commit edf1122e56fa58755f0da35606bbac283bf1bd30
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2020-10-17 09:23:09 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2020-10-17 09:23:29 +0000

    net-dns/pdns-recursor: Cleanup
    
    Bug: https://bugs.gentoo.org/746923
    Package-Manager: Portage-3.0.8, Repoman-3.0.1
    Signed-off-by: Sven Wegener <swegener@gentoo.org>

 net-dns/pdns-recursor/Manifest                     |  2 -
 .../files/pdns-recursor-4.3.1-boost-1.73.0.patch   | 89 ----------------------
 net-dns/pdns-recursor/pdns-recursor-4.3.3.ebuild   | 85 ---------------------
 net-dns/pdns-recursor/pdns-recursor-4.3.4.ebuild   | 85 ---------------------
 4 files changed, 261 deletions(-)
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-10-17 09:38:24 UTC 
Thanks!
Comment 10 Thomas Deutschmann (RETIRED) gentoo-dev 2020-12-23 16:59:04 UTC 
GLSA Vote: Yes

New GLSA request filed.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2020-12-23 20:22:03 UTC 
This issue was resolved and addressed in
 GLSA 202012-19 at https://security.gentoo.org/glsa/202012-19
by GLSA coordinator Thomas Deutschmann (whissi).