Unrated severityNVD Advisory· Published Jun 17, 2020· Updated Sep 17, 2024

A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

CVE-2020-8619

Description

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

Affected products

osv-coords38 versions
pkg:apk/chainguard/bind pkg:apk/chainguard/bind-dev pkg:apk/chainguard/bind-dnssec-root pkg:apk/chainguard/bind-dnssec-tools pkg:apk/chainguard/bind-doc pkg:apk/chainguard/bind-libs pkg:apk/chainguard/bind-plugins pkg:apk/chainguard/bind-tools pkg:apk/wolfi/bind pkg:apk/wolfi/bind-dev pkg:apk/wolfi/bind-dnssec-root pkg:apk/wolfi/bind-dnssec-tools pkg:apk/wolfi/bind-doc pkg:apk/wolfi/bind-libs pkg:apk/wolfi/bind-plugins pkg:apk/wolfi/bind-tools pkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/libuv&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/libuv&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/sysuser-tools&distro=openSUSE%20Leap%2015.1 pkg:rpm/opensuse/sysuser-tools&distro=openSUSE%20Leap%2015.2 pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1 pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1 pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2 pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1 pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2 pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/sysuser-tools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
< 0+ 37 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.16.6-lp151.11.9.1
- (no CPE)range: < 9.16.6-lp152.14.3.1
- (no CPE)range: < 9.16.20-1.4
- (no CPE)range: < 1.18.0-lp151.3.3.1
- (no CPE)range: < 1.18.0-lp152.4.3.1
- (no CPE)range: < 2.0-lp151.4.3.1
- (no CPE)range: < 2.0-lp152.5.3.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 9.16.6-12.32.1
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
- (no CPE)range: < 2.0-4.2.8
ISC/BIND9v5
Range: 9.11.14 through versions before 9.11.20

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.htmlmitrevendor-advisoryx_refsource_SUSE
lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.htmlmitrevendor-advisoryx_refsource_SUSE
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/mitrevendor-advisoryx_refsource_FEDORA
usn.ubuntu.com/4399-1/mitrevendor-advisoryx_refsource_UBUNTU
www.debian.org/security/2020/dsa-4752mitrevendor-advisoryx_refsource_DEBIAN
kb.isc.org/docs/cve-2020-8619mitrex_refsource_CONFIRM
security.netapp.com/advisory/ntap-20200625-0003/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000