An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. ISC is working to determine the ultimate cause by which a record with this particular inconsistency comes to be cached. At this time we are making available a patch which makes named recover gracefully from the inconsistency, preventing the abnormal exit.
The patch has two components. When a client query is handled, the code which processes the response to the client has to ask the cache for the records for the name that is being queried. The first component of the patch prevents the cache from returning the inconsistent data. The second component prevents named from crashing if it detects that it has been given an inconsistent answer of this nature.
Update as of 5 December:
Having completed our analysis of the data submitted by those who experienced the crash, ISC has identified how and why this event occurred.
We have confirmed that it was triggered by an accidental operational error that exposed a previously unknown bug in BIND, causing an internal inconsistency which is effectively prevented by the mitigation patches we have produced and distributed.
While the original trigger for this incident no longer exists, it is very possible that the same set of circumstances could be made to recur deliberately rather than accidentally. Therefore, ISC strongly recommends that those running vulnerable servers continue to update to a patched release of BIND.
Translations of the original advisory:
Spanish translation of the original advisory https://www.isc.org/advisorycve20114313ES
Japanese translation of the original advisory https://www.isc.org/advisorycve20114313JP
German translation of the original advisory http://cert.uni-stuttgart.de/ticker/article.php?mid=1686
Chinese translation of the original advisory https://www.isc.org/advisorycve20114313CN
Portuguese translation of the original advisory https://www.isc.org/advisorycve20114313PT
CVSS Score: 7.8
For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)