CVE-2018-5742 MEDIUM

CVE-2018-5742: An oversight while backporting a feature leads to an assertion failure in buffer.c:420

Vendor Redhat
Product BIND9
Published October 30, 2019
Last update September 17, 2024

CVSS base score

5.9/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected.

Key dates

02Disclosure timeline

October 30, 2019 CVE published
September 17, 2024 Record updated