Unrated severityNVD Advisory· Published Jan 16, 2019· Updated Sep 17, 2024
A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME
CVE-2017-3137
Description
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
389.9.9-P6, 9.9.10b1-9.9.10rc1, 9.10.4-P6, 9.10.5b1-9.10.5rc1, 9.11.0-P3, 9.11.1b1-9.11.1rc1, 9.9.9-S8+ 1 more
- (no CPE)range: 9.9.9-P6, 9.9.10b1-9.9.10rc1, 9.10.4-P6, 9.10.5b1-9.10.5rc1, 9.11.0-P3, 9.11.1b1-9.11.1rc1, 9.9.9-S8
- (no CPE)range: 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8
- osv-coords36 versionspkg:apk/chainguard/bindpkg:apk/chainguard/bind-devpkg:apk/chainguard/bind-dnssec-rootpkg:apk/chainguard/bind-dnssec-toolspkg:apk/chainguard/bind-docpkg:apk/chainguard/bind-libspkg:apk/chainguard/bind-pluginspkg:apk/chainguard/bind-toolspkg:apk/wolfi/bindpkg:apk/wolfi/bind-devpkg:apk/wolfi/bind-dnssec-rootpkg:apk/wolfi/bind-dnssec-toolspkg:apk/wolfi/bind-docpkg:apk/wolfi/bind-libspkg:apk/wolfi/bind-pluginspkg:apk/wolfi/bind-toolspkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/bind&distro=SUSE%20Manager%202.1pkg:rpm/suse/bind&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%205
< 0+ 35 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.9P1-28.34.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.9P1-28.34.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.9P1-59.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.6P1-0.44.1
- (no CPE)range: < 9.9.6P1-0.44.1
Patches
Vulnerability mechanics
References
11- access.redhat.com/errata/RHSA-2017:1095mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2017:1105mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2017:1582mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2017:1583mitrevendor-advisoryx_refsource_REDHAT
- security.gentoo.org/glsa/201708-01mitrevendor-advisoryx_refsource_GENTOO
- www.debian.org/security/2017/dsa-3854mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/97651mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1038258mitrevdb-entryx_refsource_SECTRACK
- www.securitytracker.com/id/1040195mitrevdb-entryx_refsource_SECTRACK
- kb.isc.org/docs/aa-01466mitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20180802-0002/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.