MNBSD-2015-1: BIND DNSSEC managed-keys uninitialized variable crash

Severity: Unknown

Affected Package: bind

Summary: BIND DNSSEC managed-keys uninitialized variable crash

Description

BIND servers configured to perform DNSSEC validation using managed keys (implicit with dnssec-validation auto or dnssec-lookaside auto) could exhibit unpredictable behavior due to the use of an improperly initialized variable. A remote attacker could exploit this to crash named, causing a denial of service.

Affected Versions

bind

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2015-1349

Published: February 25, 2015
Last Modified: February 25, 2015