vulnerability

Red Hat: CVE-2018-5745: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (Multiple Advisories)

Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:N/A:P)
Published
2019-10-09
Added
2019-11-06
Modified
2023-12-15

Description

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.

Solution(s)

redhat-upgrade-bindredhat-upgrade-bind-chrootredhat-upgrade-bind-debuginforedhat-upgrade-bind-debugsourceredhat-upgrade-bind-develredhat-upgrade-bind-export-develredhat-upgrade-bind-export-libsredhat-upgrade-bind-export-libs-debuginforedhat-upgrade-bind-libsredhat-upgrade-bind-libs-debuginforedhat-upgrade-bind-libs-literedhat-upgrade-bind-libs-lite-debuginforedhat-upgrade-bind-licenseredhat-upgrade-bind-lite-develredhat-upgrade-bind-pkcs11redhat-upgrade-bind-pkcs11-debuginforedhat-upgrade-bind-pkcs11-develredhat-upgrade-bind-pkcs11-libsredhat-upgrade-bind-pkcs11-libs-debuginforedhat-upgrade-bind-pkcs11-utilsredhat-upgrade-bind-pkcs11-utils-debuginforedhat-upgrade-bind-sdbredhat-upgrade-bind-sdb-chrootredhat-upgrade-bind-sdb-debuginforedhat-upgrade-bind-utilsredhat-upgrade-bind-utils-debuginforedhat-upgrade-python3-bind
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.