A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected
A critical, remotely exploitable vulnerability was discovered in the BIND9 DNS server that could cause a crash with a single packet. A mistake in the handling of queries for the TKEY type causes an assertion to fail, leading to a server crash. Since the exploit packet is now public, it's crucial to investigate and understand the vulnerable code. The patch for this vulnerability involves adding name = NULL before the second call to dns_message_findname in the dns_tkey_processquery function. Virtual DNS customers have always been protected from this attack, even if they run BIND, because RRDNS, CloudFlare's custom Go DNS server, validates incoming packets and strips them down to the simplest form possible before relaying them.
Company
Cloudflare
Date published
Aug. 4, 2015
Author(s)
Filippo Valsorda
Word count
1357
Language
English
Hacker News points
83