/plushcap/analysis/cloudflare/a-deep-look-at-cve-2015-5477-and-how-cloudflare-virtual-dns-customers-are-protected

A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected

What's this blog post about?

A critical remotely exploitable vulnerability was discovered in BIND9 DNS server that could cause a crash with a single packet. The mistake in handling of queries for the TKEY type causes an assertion to fail, leading to a server crash. Since the exploit packet is now public, it's crucial to investigate and understand the vulnerable code. The patch for this vulnerability involves adding name = NULL before the second call to dns_message_findname in dns_tkey_processquery function. Virtual DNS customers have always been protected from this attack even if they run BIND as RRDNS, CloudFlare's custom Go DNS server, validates incoming packets and strips them down to the most simple form possible before relaying them.

Company
Cloudflare

Date published
Aug. 4, 2015

Author(s)
Filippo Valsorda

Word count
1357

Language
English

Hacker News points
83


By Matt Makai. 2021-2024.