BIND 9 Security Vulnerability Matrix - 9.9
  • 22 Oct 2018
  • 10 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

BIND 9 Security Vulnerability Matrix - 9.9

  • Dark
    Light
  • PDF

Article Summary

The BIND versions listed in this article are EOL
This BIND 9 Security Vulnerability Matrix is a record of vulnerabilities affecting the EOL BIND 9.9 branch during (or very shortly after) its lifetime. It is known to be affected by some vulnerabilities discovered after the EOL date (July 2018) but those will not be listed here.

This article has two parts:

  • The first part is a table listing all of the vulnerabilities covered by this page. The first column is a reference number for use in the tables in the second part. The second column is the CVE (Common Vulnerabilities and Exposure) number for the vulnerability, linked to its page on cve.mitre.org. The third column is a short description of the vulnerability, linked (where possible) to our Knowledgebase article on the vulnerability.
  • The second part is a table listing all of the releases in this branch along the side and vulnerabilities along the top. If a vulnerability number is less than the lowest column heading, that branch does not have any versions with it. If a vulnerability number is greater than the highest column heading, that branch has not been tested and should be assumed to be vulnerable.

See the matrix for current branches for more information about how to interpret these tables.

We do not generally list alpha, beta, or release candidate (RC) versions here, and recommend that you use only released software in any environment in which security could be an issue. This page explains our version numbering system.

Using obsolete versions of BIND
We recommend that you not use obsolete versions of any ISC software. It was updated for a reason.

Listing of Vulnerabilities affecting BIND 9.9

# CVE Number Short Description
98 2018-5741 Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation
97 2018-5740 A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named
96 2018-5738 Some versions of BIND can improperly permit recursive query service to unauthorized clients
95 2018-5737 BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled
94 2018-5736 Multiple transfers of a zone in quick succession can cause an assertion failure in rbtdb.c
93 2018-5734 A malformed request can trigger an assertion failure in badcache.c
92 2017-3145 Improper fetch cleanup sequencing in the resolver can cause named to crash
91 2017-3143 An error in TSIG handling can permit unauthorized dynamic updates
90 2017-3142 An error in TSIG handling can permit unauthorized zone transfers
89 2017-3141 Windows service and uninstall paths are not quoted when BIND is installed
88 2017-3140 An error processing RPZ rules can cause named to loop endlessly after handling a query
87 2017-3139 [Red Hat] assertion failure in DNSSEC validation
86 2017-3138 named exits with a REQUIRE assertion failure if it receives a null command string on its control channel
85 2017-3137 A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME
84 2017-3136 An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"
83 2017-3135 Combination of DNS64 and RPZ Can Lead to Crash
82 2016-9778 An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c
81 2016-9444 An unusually-formed DS record response could cause an assertion failure
80 2016-9147 An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure
79 2016-9131 A malformed response to an ANY query can cause an assertion failure during recursion
78 2016-8864 A problem handling responses containing a DNAME answer can lead to an assertion failure
77 2016-2848 A packet with malformed options can trigger an assertion failure in ISC BIND versions released prior to May 2013 and in packages derived from releases prior to that date.
76 2016-2776 Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request
75 2016-2775 A query name which is too long can cause a segmentation fault in lwresd
74 2016-2088 A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure
73 2016-1286 A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c
72 2016-1285 An error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c
71 2016-1284 A REQUIRE assertion failure in rdataset.c can be deliberately triggered in servers performing NXDOMAIN redirection
70 2015-8705 Problems converting OPT resource records and ECS options to text format can cause BIND to terminate
69 2015-8704 Specific APL data could trigger an INSIST in apl_42.c
68 2015-8461 A race condition when handling socket errors can lead to an assertion failure in resolver.c
67 2015-8000 Responses with a malformed class attribute can trigger an assertion failure in db.c
66 2015-5986 An incorrect boundary check can trigger a REQUIRE assertion failure in openpgpkey_61.c
65 2015-5722 Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c
64 2015-5477 An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure
63 2015-4620 Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating
62 2015-1349 A Problem with Trust Anchor Management Can Cause named to Crash
61 2014-8680 Defects in GeoIP features can cause BIND to crash
60 2014-8500 A Defect in Delegation Handling Can Be Exploited to Crash BIND
59 2014-3859 BIND named can crash due to a defect in EDNS printing processing
58 2014-3214 A Defect in Prefetch Can Cause Recursive Servers to Crash
57 2014-0591 A Crafted Query Against an NSEC3-signed Zone Can Crash BIND
56 2013-6230 A Winsock API Bug can cause a side-effect affecting BIND ACLs
55 2013-4854 A specially crafted query can cause BIND to terminate abnormally
54 2013-3919 A recursive resolver can be crashed by a query for a malformed zone
53 2013-2266 A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named
52 2012-5689 BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ
51 2012-5688 BIND 9 servers using DNS64 can be crashed by a crafted query
50 2012-5166 Specially crafted DNS data can cause a lockup in named
49 2012-4244 A specially crafted Resource Record could cause named to terminate
48 2012-3868 High TCP query load can trigger a memory leak
47 2012-3817 Heavy DNSSEC validation load can cause a "bad cache" assertion failure
46 2012-1667 Handling of zero length rdata can cause named to terminate unexpectedly

Why don't the reference numbers begin at 1?
To reduce confusion we preserve the reference number across all of our articles and tables; to reduce clutter we have pared down the entries to only those listed in the table for this branch.

BIND 9.9

(EOL July 2018; final matrix update 2018-09-19)

ver/CVE 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
9.9.13-P1 +
9.9.13 + +
9.9.12 + + +
9.9.11-P1 + +
9.9.11 + + +
9.9.10-P2 + + +
9.9.10-P1 + + + + +
9.9.10 + + + + + + +
9.9.9-P8 + + + + + +
9.9.9-P7 + + + + + + +
9.9.9-P6 + + + + + + + + +
9.9.9-P5 + + + + + + + + +
9.9.9-P4 + + + + + + + + + + + +
9.9.9-P3 + + + + + + + + + + + +
9.9.9-P2 + + + + + + + + + + + + +
9.9.9-P1 + + + + + + + + + + + + + +
9.9.9 + + + + + + + + + + + + + +
9.9.8-P4 + + + + + + + + + + + + +
9.9.8-P3 + + + + + + + + + + + + + + +
9.9.8-P2 + + + + + + + + + + + + + + + +
9.9.8-P1 + + + + + + + + + + + + + + + + +
9.9.8 + + + + + + + + + + + + + + + + + +
9.9.7-P3 + + + + + + + + + + + + + + + + +
9.9.7-P2 + + + + + + + + + + + + + + + + + + +
9.9.7-P1 + + + + + + + + + + + + + + + + + + + +
9.9.7 + + + + + + + + + + + + + + + + + + + + +
9.9.6-P2 + + + + + + + + + + + + + + + + + + + +
9.9.6-P1 + + + + + + + + + + + + + + + + + + + + +
9.9.6 + + + + + + + + + + + + + + + + + + + + + +
9.9.5-P1 + + + + + + + + + + + + + + + + + + + + + +
9.9.5-W1 + + + + + + + + + + + + + + + + + + + + + +
9.9.5 + + + + + + + + + + + + + + + + + + + + + +
9.9.4-P2 + + + + + + + + + + + + + + + + + + + + + +
9.9.4-P1 + + + + + + + + + + + + + + + + + + + + + + +
9.9.4 + + + + + + + + + + + + + + + + + + + + + + + +
9.9.3-P2 + + + + + + + + + + + + + + + + + + + + + + + +
9.9.3-P1 + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.3 + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.2-P2 + + + + + + + + + + + + + + + + + + + + + + + +
9.9.2-P1 + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.2 + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.1-P4 + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.1-P3 + + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.1-P2 + + + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.1-P1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
9.9.0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +