Latest BIND on Debian 8.7 (jessie) crashed due to assertion failure
Mukund Sivaraman
muks at isc.org
Thu Apr 20 05:54:46 UTC 2017
Hi Carlos
On Thu, Apr 20, 2017 at 12:54:47AM -0300, Carlos Pizarro wrote:
> Today the bind9 service crashed and this were the last few log lines when
> it happened:
>
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::c629:defe#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.192.10#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.196.10#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::a29f:1835#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::c629:defe#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
> Apr 19 20:46:24 host named[32115]: resolver.c:4350: INSIST(fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_any) || fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_rrsig) || fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_sig)) failed, back trace
> Apr 19 20:46:24 host named[32115]: #0 0x7f4aebd27a00 in ??
> Apr 19 20:46:24 host named[32115]: #1 0x7f4ae9f038ea in ??
> Apr 19 20:46:24 host named[32115]: #2 0x7f4aeb5e914e in ??
> Apr 19 20:46:24 host named[32115]: #3 0x7f4ae9f25d5b in ??
> Apr 19 20:46:24 host named[32115]: #4 0x7f4ae98d6064 in ??
> Apr 19 20:46:24 host named[32115]: #5 0x7f4ae92a462d in ??
> Apr 19 20:46:24 host named[32115]: exiting (due to assertion failure)
>
> ( Same log on Pastebin https://pastebin.com/a1K0L3wJ )
>
>
> Looking at the code line where it crashed I thought that it was related
> to CVE-2016-9131 but it was patched already on this Debian build:
>
> http://metadata.ftp-master.debian.org/changelogs/main/b/bind9/bind9_9.9.5.dfsg-9+deb8u10_changelog
>
>
> Does anyone has any insight on what may be happening? I'm trying to avoid
> backporting the newest BIND from Stretch but I would if this won't happen
> on that version but I'm unsure as changelog seems to be quite similar to
> the changelog of my version:
>
> http://metadata.ftp-master.debian.org/changelogs/main/b/bind9/bind9_9.10.3.dfsg.P4-12.1_changelog
This should be covered by the fix for CVE-2017-3137. See the following link:
https://security-tracker.debian.org/tracker/CVE-2017-3137
Mukund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20170420/863b6413/attachment.bin>
More information about the bind-users
mailing list