HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
Mystery flaw crashing DNS servers across the internet
Internet globeA zero-day vulnerability is causing BIND 9 DNS servers to crash across the internet. The flaw, described as an "as-yet unidentified network event", appears to be a denial of service vulnerability being exploited in-the-wild. The flaw affects all supported versions of BIND.
The internet Systems Consortium (ISC) have described the problem as follows:
An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure...
Affected servers crashed after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))
The cause of the crash is still under investigation but the ISC have reacted swiftly with a set of temporary patches that will prevent servers from crashing. There is no known workaround for the problem and BIND users are encouraged to upgrade.