{
  "threat_severity" : "Important",
  "public_date" : "2018-08-08T21:30:00Z",
  "bugzilla" : {
    "description" : "bind: processing of certain records when \"deny-answer-aliases\" is in use may trigger an assert leading to a denial of service",
    "id" : "1613595",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1613595"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-617",
  "details" : [ "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.", "A denial of service flaw was discovered in bind versions that include the \"deny-answer-aliases\" feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition." ],
  "statement" : "The \"deny-answer-aliases\" configuration option is not enabled in default configurations of bind. Upstream states that this option is very rarely used. As such, customers who have not explicitly enabled this option in their configuration should not be exposed to this issue.",
  "acknowledgement" : "Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2571",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "bind-32:9.8.2-0.68.rc1.el6_10.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2018-08-27T00:00:00Z",
    "advisory" : "RHSA-2018:2570",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "bind-32:9.9.4-61.el7_5.1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "bind97",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-5740\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-5740\nhttps://kb.isc.org/article/AA-01639/74/CVE-2018-5740" ],
  "name" : "CVE-2018-5740",
  "mitigation" : {
    "value" : "Disabling the \"deny-answer-aliases\" configuration option should prevent exploitation.",
    "lang" : "en:us"
  },
  "csaw" : false
}