CVE-2018-5736 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-706	bind	9.12.1-1	9.12.1.P2-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
20 May 2018	ASA-201805-20	AVG-706	bind	Medium	denial of service

References
https://kb.isc.org/article/AA-01602/74/CVE-2018-5736

Notes
Workaround: For servers which must receive notifies to keep slave zone contents current, no complete workarounds are known although restricting BIND to only accept NOTIFY messages from authorized sources can greatly mitigate the risk of attack.

Notes

Workaround:

For servers which must receive notifies to keep slave zone contents current, no complete workarounds are known although restricting BIND to only accept NOTIFY messages from authorized sources can greatly mitigate the risk of attack.