[CVE-2021-25214] A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
CVE-specific actions
-
Assign a CVE identifier -
Determine CVSS score -
Determine the range of BIND versions affected (including the Subscription Edition) -
Determine whether workarounds for the problem exists -
Prepare a detailed description of the problem which should include the following by default: - instructions for reproducing the problem (a system test is good enough)
- explanation of code flow which triggers the problem (a system test is not good enough)
-
Prepare a private merge request containing the following items in separate commits: - a test for the issue (may be moved to a separate merge request for deferred merging)
- a fix for the issue
- documentation updates (
CHANGES
, release notes, anything else applicable)
-
Ensure the merge request from the previous step is reviewed by SWENG staff and has no outstanding discussions -
Ensure the documentation changes introduced by the merge request addressing the problem are reviewed by Support and Marketing staff -
Prepare backports of the merge request addressing the problem for all affected (and still maintained) BIND branches (backporting might affect the issue's scope and/or description) -
Prepare a standalone patch for the last stable release of each affected (and still maintained) BIND branch
Release-specific actions
-
Create/update the private issue containing links to fixes & reproducers for all CVEs fixed in a given release cycle: isc-private/bind9#36 -
Reserve a block of CHANGES
placeholders once the complete set of vulnerabilities fixed in a given release cycle is determined -
Ensure the merge requests containing CVE fixes are merged into security-*
branches in CVE identifier order
A customer has reported the following crash in 9.11.22-S1:
02-Feb-2021 10:00:48.027 general: critical: zone.c:12360: fatal error:
02-Feb-2021 10:00:48.027 general: critical: RUNTIME_CHECK(dbsoacount > 0U) failed
02-Feb-2021 10:00:48.027 general: critical: exiting (due to fatal error in library)
At this time the only other information known is that happened on one of the "DNS servers which are used for ENUM".