MNBSD-2011-0: named crash from large RRSIG RRsets in negative caching

Severity: Unknown

Affected Package: bind

Summary: named crash from large RRSIG RRsets in negative caching

Description

Very large RRSIG RRsets included in a negative response can trigger an assertion failure that crashes named(8), due to an off-by-one error in a buffer size computation. Systems running a recursive BIND DNS server should update. Referenced by US-CERT VU#795694.

Affected Versions

bind

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2011-1910

Published: May 30, 2011
Last Modified: May 30, 2011