Home

CVE-2017-3145

Description

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
7.935

Associated Vulnerability

VulnerabilityOS Platform
Internet Domain Name Server (USN-3259-1) bind9_9.10.3.dfsg.P4-8ubuntu1.10_i386.debLinux
Internet Domain Name Server (USN-3259-1) bind9_9.10.3.dfsg.P4-8ubuntu1.10_amd64.debLinux
Internet Domain Name Server (USN-3346-1) bind9_9.9.5.dfsg-3ubuntu0.17_amd64.debLinux
Internet Domain Name Server (USN-3535-1) bind9_9.10.3.dfsg.P4-12.6ubuntu1.1_i386.debLinux
Internet Domain Name Server (USN-3535-1) bind9_9.10.3.dfsg.P4-12.6ubuntu1.1_amd64.debLinux
(RHSA-2018:0101) Important: bind security update bind-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-chroot-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-chroot-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-devel-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-devel-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-libs-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-libs-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-sdb-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-sdb-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-utils-9.8.2-0.62.rc1.el6_9.5.i686.rpmLinux
(RHSA-2018:0101) Important: bind security update bind-utils-9.8.2-0.62.rc1.el6_9.5.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-chroot-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-devel-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-libs-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-libs-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-libs-lite-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-libs-lite-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-license-9.9.4-51.el7_4.2.noarch.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-lite-devel-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-lite-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-devel-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-libs-9.9.4-51.el7_4.2.i686.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-libs-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-pkcs11-utils-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-sdb-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-sdb-chroot-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0102) Important: bind security update bind-utils-9.9.4-51.el7_4.2.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-chroot-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-chroot-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-chroot-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.17.rc1.el6_4.13.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.23.rc1.el6_5.8.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.17.rc1.el6_4.13.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.23.rc1.el6_5.8.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-sdb-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-sdb-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-sdb-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-utils-9.8.2-0.17.rc1.el6_4.13.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-utils-9.8.2-0.23.rc1.el6_5.8.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-utils-9.8.2-0.37.rc1.el6_7.12.i686.rpmLinux
(RHSA-2018:0487) Important: bind security update bind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-chroot-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-chroot-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-devel-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-devel-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-license-9.9.4-29.el7_2.8.noarch.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-license-9.9.4-50.el7_3.3.noarch.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-29.el7_2.8.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-50.el7_3.3.i686.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-utils-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-pkcs11-utils-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-sdb-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-sdb-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-sdb-chroot-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-sdb-chroot-9.9.4-50.el7_3.3.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-utils-9.9.4-29.el7_2.8.x86_64.rpmLinux
(RHSA-2018:0488) Important: bind security update bind-utils-9.9.4-50.el7_3.3.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Server 12-SP2 ) bind-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Server 12-SP2 ) bind-chrootenv-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-debuginfo-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-debugsource-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Server 12-SP2 ) bind-doc-9.9.9P1-63.7.1.noarch.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-libs-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-libs-32bit-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-libs-debuginfo-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-libs-debuginfo-32bit-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-utils-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0303-1(SUSE Linux Enterprise Desktop 12-SP2 ) bind-utils-debuginfo-9.9.9P1-63.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-9.9.6P1-0.51.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-chrootenv-9.9.6P1-0.51.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-doc-9.9.6P1-0.51.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-libs-9.9.6P1-0.51.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-libs-32bit-9.9.6P1-0.51.7.1.x86_64.rpmLinux
SUSE-SU-2018:0362-1(SUSE Linux Enterprise Server 11-SP4 ) bind-utils-9.9.6P1-0.51.7.1.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-chroot-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-libs-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-libs-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-libs-lite-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-license-9.9.4-29.el7_2.8.noarch.rpmLinux
(CESA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-lite-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-pkcs11-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-pkcs11-devel-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-29.el7_2.8.i686.rpmLinux
(CESA-2018:0488) Important: bind security update bind-pkcs11-libs-9.9.4-29.el7_2.8.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-pkcs11-utils-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-sdb-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-sdb-chroot-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-utils-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-libs-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-libs-lite-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-lite-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-pkcs11-devel-9.9.4-51.el7_4.2.x86_64.rpmLinux
(CESA-2018:0102) Important: bind security update bind-pkcs11-libs-9.9.4-51.el7_4.2.x86_64.rpmLinux
Use After Free Vulnerability (CVE-2017-3145)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234