Red Hat Enterprise Linux 7 update for bind

1) Reachable Assertion

EUVDB-ID: #VU45819

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8622

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling TSIG-signed request. An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux EUS Compute Node: 7.7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for Power, big endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 7.7

Red Hat Enterprise Linux Server - AUS: 7.7

BIND (Red Hat Inc.): before 9.11.4-9.P2.el7_7.3

External links

http://access.redhat.com/errata/RHSA-2020:5203

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Reachable Assertion

EUVDB-ID: #VU45818

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8623

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when processing DNS query for a zone signed with RSA. A remote attacker can send a specially crafted query and crash the DNS server.

Successful exploitation of the vulnerability requires that BIND is built with "--enable-native-pkcs11".

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux EUS Compute Node: 7.7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for Power, big endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 7.7

Red Hat Enterprise Linux Server - AUS: 7.7

BIND (Red Hat Inc.): before 9.11.4-9.P2.el7_7.3

External links

http://access.redhat.com/errata/RHSA-2020:5203

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU45817

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8624

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to perform unauthorized actions.

The vulnerability exists due to change 4885 in BIND inadvertently caused "update-policy" rules of type "subdomain" to be treated as if they were of type "zonesub", allowing updates to all parts of the zone along with the intended subdomain. A remote user with privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux EUS Compute Node: 7.7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for Power, big endian - Extended Update Support: 7.7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 7.7

Red Hat Enterprise Linux Server - AUS: 7.7

BIND (Red Hat Inc.): before 9.11.4-9.P2.el7_7.3

External links

http://access.redhat.com/errata/RHSA-2020:5203

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.