csaf_microsoft - msrc

MSRC_CVE-2020-8619

Vulnerability from csaf_microsoft - Published: 2020-06-02 00:00 - Updated: 2020-08-18 00:00

Summary

A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2020-8619 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8619.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer",
    "tracking": {
      "current_release_date": "2020-08-18T00:00:00.000Z",
      "generator": {
        "date": "2025-10-19T17:54:46.582Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2020-8619",
      "initial_release_date": "2020-06-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2020-08-18T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 bind 9.16.3-2",
                "product": {
                  "name": "\u003ccm1 bind 9.16.3-2",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 bind 9.16.3-2",
                "product": {
                  "name": "cm1 bind 9.16.3-2",
                  "product_id": "19172"
                }
              }
            ],
            "category": "product_name",
            "name": "bind"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 bind 9.16.3-2 as a component of CBL Mariner 1.0",
          "product_id": "16820-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 bind 9.16.3-2 as a component of CBL Mariner 1.0",
          "product_id": "19172-16820"
        },
        "product_reference": "19172",
        "relates_to_product_reference": "16820"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-8619",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "general",
          "text": "isc",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "19172-16820"
        ],
        "known_affected": [
          "16820-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-8619 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8619.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-08-18T00:00:00.000Z",
          "details": "9.16.3-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "temporalScore": 4.9,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "16820-1"
          ]
        }
      ],
      "title": "A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer"
    }
  ]
}

CVE-2020-8619 (GCVE-0-2020-8619)

Vulnerability from cvelistv5 – Published: 2020-06-17 21:20 – Updated: 2024-09-17 03:28

Summary

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

Severity ?

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

The asterisk character ("*") is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node. A problem can occur when an asterisk is present in an empty non-terminal location within the DNS graph. If such a node exists, after a series of queries, named can reach an inconsistent state that results in the failure of an assertion check in rbtdb.c, followed by the program exiting due to the assertion failure. Versions affected: BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3. Also, versions 9.11.14-S1 -> 9.11.19-S1 of BIND Supported Preview Edition

Assigner

isc

References

URL

Tags

	https://kb.isc.org/docs/cve-2020-8619	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://security.netapp.com/advisory/ntap-2020062…	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://usn.ubuntu.com/4399-1/	vendor-advisoryx_refsource_UBUNTU
	https://www.debian.org/security/2020/dsa-4752	vendor-advisoryx_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Impacted products

	Vendor	Product	Version
	ISC	BIND9	Affected: 9.11.14 through versions before 9.11.20 Affected: 9.16.0 through versions before 9.16.4 Affected: 9.11.14-S1 through versions before 9.11.20-S1 Affected: 9.14.9 through versions 9.14.12

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:03:46.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/docs/cve-2020-8619"
          },
          {
            "name": "FEDORA-2020-54a91444ff",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200625-0003/"
          },
          {
            "name": "FEDORA-2020-5f8da4b260",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/"
          },
          {
            "name": "USN-4399-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4399-1/"
          },
          {
            "name": "DSA-4752",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4752"
          },
          {
            "name": "openSUSE-SU-2020:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
          },
          {
            "name": "openSUSE-SU-2020:1701",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIND9",
          "vendor": "ISC",
          "versions": [
            {
              "status": "affected",
              "version": "9.11.14 through versions before 9.11.20"
            },
            {
              "status": "affected",
              "version": "9.16.0 through versions before 9.16.4"
            },
            {
              "status": "affected",
              "version": "9.11.14-S1 through versions before 9.11.20-S1"
            },
            {
              "status": "affected",
              "version": "9.14.9 through versions 9.14.12"
            }
          ]
        }
      ],
      "datePublic": "2020-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ISC BIND9 versions BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -\u003e 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "The asterisk character (\"*\") is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node.  A problem can occur when an asterisk is present in an empty non-terminal location within the DNS graph. If such a node exists, after a series of queries, named can reach an inconsistent state that results in the failure of an assertion check in rbtdb.c, followed by the program exiting due to the assertion failure.  Versions affected: BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3. Also, versions 9.11.14-S1 -\u003e 9.11.19-S1 of BIND Supported Preview Edition",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T11:06:44",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.isc.org/docs/cve-2020-8619"
        },
        {
          "name": "FEDORA-2020-54a91444ff",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200625-0003/"
        },
        {
          "name": "FEDORA-2020-5f8da4b260",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/"
        },
        {
          "name": "USN-4399-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4399-1/"
        },
        {
          "name": "DSA-4752",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4752"
        },
        {
          "name": "openSUSE-SU-2020:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
        },
        {
          "name": "openSUSE-SU-2020:1701",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n    BIND 9.11.20\n    BIND 9.16.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.11.20-S1"
        }
      ],
      "source": {
        "discovery": "USER"
      },
      "title": "A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer",
      "workarounds": [
        {
          "lang": "en",
          "value": "None"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-officer@isc.org",
          "DATE_PUBLIC": "2020-06-10T19:10:58.000Z",
          "ID": "CVE-2020-8619",
          "STATE": "PUBLIC",
          "TITLE": "A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIND9",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.11.14 through versions before 9.11.20"
                          },
                          {
                            "version_value": "9.16.0 through versions before 9.16.4"
                          },
                          {
                            "version_value": "9.11.14-S1 through versions before 9.11.20-S1"
                          },
                          {
                            "version_value": "9.14.9 through versions 9.14.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ISC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ISC BIND9 versions BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -\u003e 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "The asterisk character (\"*\") is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node.  A problem can occur when an asterisk is present in an empty non-terminal location within the DNS graph. If such a node exists, after a series of queries, named can reach an inconsistent state that results in the failure of an assertion check in rbtdb.c, followed by the program exiting due to the assertion failure.  Versions affected: BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3. Also, versions 9.11.14-S1 -\u003e 9.11.19-S1 of BIND Supported Preview Edition"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.isc.org/docs/cve-2020-8619",
              "refsource": "CONFIRM",
              "url": "https://kb.isc.org/docs/cve-2020-8619"
            },
            {
              "name": "FEDORA-2020-54a91444ff",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CNFTTYJ5JJJJ6QG3AHXJGDIIEYMDFWFW/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200625-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200625-0003/"
            },
            {
              "name": "FEDORA-2020-5f8da4b260",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIOXMJX4N3LBKC65OXNBE52W4GAS7QEX/"
            },
            {
              "name": "USN-4399-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4399-1/"
            },
            {
              "name": "DSA-4752",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4752"
            },
            {
              "name": "openSUSE-SU-2020:1699",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
            },
            {
              "name": "openSUSE-SU-2020:1701",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to the patched release most closely related to your current version of BIND:\n\n    BIND 9.11.20\n    BIND 9.16.4\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.11.20-S1"
          }
        ],
        "source": {
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "None"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2020-8619",
    "datePublished": "2020-06-17T21:20:13.611975Z",
    "dateReserved": "2020-02-05T00:00:00",
    "dateUpdated": "2024-09-17T03:28:34.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

MSRC_CVE-2020-8619

CVE-2020-8619 (GCVE-0-2020-8619)

Tags

Sightings

Nomenclature