CVE-2016-8864
First published: Fri Oct 28 2016(Updated: )
A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c During processing of a recursive response that contains a DNAME record in the answer section, BIND can stop execution after encountering an assertion error in resolver.c (error message: "INSIST((valoptions & 0x0002U) != 0) failed") or db.c (error message: "REQUIRE(targetp != ((void *)0) && *targetp == ((void *)0)) failed"). A server encountering either of these error conditions will stop, resulting in denial of service to clients. The risk to authoritative servers is minimal; recursive servers are chiefly at risk.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/bind9 | 1:9.11.5.P4+dfsg-5.1+deb10u7 1:9.11.5.P4+dfsg-5.1+deb10u9 1:9.16.44-1~deb11u1 1:9.18.19-1~deb12u1 1:9.19.17-1 | |
| ISC BIND | >=9.0.0<9.9.9 | |
| ISC BIND | >=9.10.0<9.10.4 | |
| ISC BIND | =9.9.9 | |
| ISC BIND | =9.9.9-beta1 | |
| ISC BIND | =9.9.9-beta2 | |
| ISC BIND | =9.9.9-p1 | |
| ISC BIND | =9.9.9-p2 | |
| ISC BIND | =9.9.9-p3 | |
| ISC BIND | =9.10.4 | |
| ISC BIND | =9.10.4-beta1 | |
| ISC BIND | =9.10.4-beta2 | |
| ISC BIND | =9.10.4-beta3 | |
| ISC BIND | =9.10.4-p1 | |
| ISC BIND | =9.10.4-p2 | |
| ISC BIND | =9.10.4-p3 | |
| ISC BIND | =9.11.0 | |
| ISC BIND | =9.11.0-alpha1 | |
| ISC BIND | =9.11.0-alpha2 | |
| ISC BIND | =9.11.0-alpha3 | |
| ISC BIND | =9.11.0-beta1 | |
| ISC BIND | =9.11.0-beta2 | |
| ISC BIND | =9.11.0-beta3 | |
| netapp data ontap edge | ||
| netapp solidfire | ||
| netapp steelstore cloud integrated storage | ||
| redhat enterprise Linux desktop | =5.0 | |
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux desktop | =7.0 | |
| redhat enterprise Linux eus | =6.7 | |
| redhat enterprise Linux eus | =7.2 | |
| redhat enterprise Linux eus | =7.3 | |
| redhat enterprise Linux eus | =7.4 | |
| redhat enterprise Linux eus | =7.5 | |
| redhat enterprise Linux eus | =7.6 | |
| redhat enterprise Linux eus | =7.7 | |
| redhat enterprise Linux server | =5.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux server | =7.0 | |
| redhat enterprise Linux server aus | =6.2 | |
| redhat enterprise Linux server aus | =6.4 | |
| redhat enterprise Linux server aus | =6.5 | |
| redhat enterprise Linux server aus | =6.6 | |
| redhat enterprise Linux server aus | =7.2 | |
| redhat enterprise Linux server aus | =7.3 | |
| redhat enterprise Linux server aus | =7.4 | |
| redhat enterprise Linux server aus | =7.6 | |
| redhat enterprise Linux server aus | =7.7 | |
| redhat enterprise Linux server tus | =6.5 | |
| redhat enterprise Linux server tus | =6.6 | |
| redhat enterprise Linux server tus | =7.2 | |
| redhat enterprise Linux server tus | =7.3 | |
| redhat enterprise Linux server tus | =7.6 | |
| redhat enterprise Linux server tus | =7.7 | |
| redhat enterprise Linux workstation | =5.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| redhat enterprise Linux workstation | =7.0 | |
| Debian Debian Linux | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2016-2141.html
- http://rhn.redhat.com/errata/RHSA-2016-2142.html
- http://rhn.redhat.com/errata/RHSA-2016-2615.html
- http://rhn.redhat.com/errata/RHSA-2016-2871.html
- http://www.debian.org/security/2016/dsa-3703
- http://www.securityfocus.com/bid/94067
- http://www.securitytracker.com/id/1037156
- https://access.redhat.com/errata/RHSA-2017:1583
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687
- https://kb.isc.org/article/AA-01434
- https://kb.isc.org/article/AA-01435
- https://kb.isc.org/article/AA-01436
- https://kb.isc.org/article/AA-01437
- https://kb.isc.org/article/AA-01438
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:34.bind.asc
- https://security.gentoo.org/glsa/201701-26
- https://security.netapp.com/advisory/ntap-20180926-0005/
- http://seclists.org/oss-sec/2016/q4/300
- https://rhn.redhat.com/errata/RHSA-2016-2142.html
- https://rhn.redhat.com/errata/RHSA-2016-2141.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1391319
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1391320
- https://rhn.redhat.com/errata/RHSA-2016-2615.html
- https://rhn.redhat.com/errata/RHSA-2016-2871.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1389652
- https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=8bd0c12d53bea6f299e92d20ee0a23b16a7f65bc
- https://security-tracker.debian.org/tracker/CVE-2016-8864
- collector/security-tracker-debian
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-8864
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/isc
- canonical/isc bind
- version/isc bind/9.0.0
- version/isc bind/9.10.0
- version/isc bind/9.9.9
- version/isc bind/9.9.9-beta1
- version/isc bind/9.9.9-beta2
- version/isc bind/9.9.9-p1
- version/isc bind/9.9.9-p2
- version/isc bind/9.9.9-p3
- version/isc bind/9.10.4
- version/isc bind/9.10.4-beta1
- version/isc bind/9.10.4-beta2
- version/isc bind/9.10.4-beta3
- version/isc bind/9.10.4-p1
- version/isc bind/9.10.4-p2
- version/isc bind/9.10.4-p3
- version/isc bind/9.11.0
- version/isc bind/9.11.0-alpha1
- version/isc bind/9.11.0-alpha2
- version/isc bind/9.11.0-alpha3
- version/isc bind/9.11.0-beta1
- version/isc bind/9.11.0-beta2
- version/isc bind/9.11.0-beta3
- vendor/netapp
- canonical/netapp data ontap edge
- canonical/netapp solidfire
- canonical/netapp steelstore cloud integrated storage
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/5.0
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/6.7
- version/redhat enterprise linux eus/7.2
- version/redhat enterprise linux eus/7.3
- version/redhat enterprise linux eus/7.4
- version/redhat enterprise linux eus/7.5
- version/redhat enterprise linux eus/7.6
- version/redhat enterprise linux eus/7.7
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/5.0
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/6.2
- version/redhat enterprise linux server aus/6.4
- version/redhat enterprise linux server aus/6.5
- version/redhat enterprise linux server aus/6.6
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- version/redhat enterprise linux server aus/7.4
- version/redhat enterprise linux server aus/7.6
- version/redhat enterprise linux server aus/7.7
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/6.5
- version/redhat enterprise linux server tus/6.6
- version/redhat enterprise linux server tus/7.2
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.6
- version/redhat enterprise linux server tus/7.7
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/5.0
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0