CVE-2017-3145
- Source
- https://cve.org/CVERecord?id=CVE-2017-3145
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3145.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-3145
- Downstream
- Related
- Published
- 2019-01-16T20:29:00.690Z
- Modified
- 2026-06-18T03:57:14.286205281Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
- Database specific
{ "unresolved_ranges": [ { "vendor_product": "debian:debian_linux", "extracted_events": [ { "last_affected": "7.0" }, { "last_affected": "8.0" }, { "last_affected": "9.0" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" ] }, { "vendor_product": "isc:bind", "extracted_events": [ { "last_affected": "9.12.0-alpha1" }, { "last_affected": "9.12.0-alpha1" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:a:isc:bind:9.12.0:alpha1:*:*:*:*:*:*" ] }, { "vendor_product": "juniper:junos", "extracted_events": [ { "last_affected": "12.1x46-d76-NA" }, { "last_affected": "12.3x48-d70-NA" }, { "last_affected": "15.1x49-d140-NA" }, { "last_affected": "17.4r2-NA" }, { "last_affected": "18.1r2-NA" }, { "last_affected": "18.2r1-NA" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*", "cpe:2.3:o:juniper:junos:12.3x48-d70:-:*:*:*:*:*:*", "cpe:2.3:o:juniper:junos:15.1x49-d140:-:*:*:*:*:*:*", "cpe:2.3:o:juniper:junos:17.4r2:-:*:*:*:*:*:*", "cpe:2.3:o:juniper:junos:18.1r2:-:*:*:*:*:*:*", "cpe:2.3:o:juniper:junos:18.2r1:-:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_desktop", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_server", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_server_aus", "extracted_events": [ { "last_affected": "6.4" }, { "last_affected": "6.5" }, { "last_affected": "6.6" }, { "last_affected": "7.2" }, { "last_affected": "7.3" }, { "last_affected": "7.4" }, { "last_affected": "7.6" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_server_eus", "extracted_events": [ { "last_affected": "6.7" }, { "last_affected": "7.3" }, { "last_affected": "7.4" }, { "last_affected": "7.5" }, { "last_affected": "7.6" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_server_tus", "extracted_events": [ { "last_affected": "6.6" }, { "last_affected": "7.2" }, { "last_affected": "7.3" }, { "last_affected": "7.6" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" ] }, { "vendor_product": "redhat:enterprise_linux_workstation", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ], "source": "CPE_STRING", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" ] } ] }- References
-
- http://www.securityfocus.com/bid/102716
- http://www.securitytracker.com/id/1040195
- https://access.redhat.com/errata/RHSA-2018:0101
- https://access.redhat.com/errata/RHSA-2018:0102
- https://access.redhat.com/errata/RHSA-2018:0487
- https://access.redhat.com/errata/RHSA-2018:0488
- https://kb.isc.org/docs/aa-01542
- https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html
- https://security.netapp.com/advisory/ntap-20180117-0003/
- https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named
- https://www.debian.org/security/2018/dsa-4089
Affected packages
Git / github.com/isc-projects/bind9
Affected ranges
- Type
- GIT
- Repo
- https://github.com/isc-projects/bind9
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "9.4.0" }, { "last_affected": "9.8.8" }, { "introduced": "9.9.0" }, { "last_affected": "9.9.11" }, { "introduced": "9.10.0" }, { "last_affected": "9.10.6" }, { "introduced": "9.11.0" }, { "last_affected": "9.11.2" }, { "introduced": "0" }, { "last_affected": "9.9.3-s1" }, { "last_affected": "9.9.11-s1" }, { "last_affected": "9.10.5-s1" }, { "last_affected": "9.10.6-s1" }, { "last_affected": "9.12.0-b1" }, { "last_affected": "9.12.0-b2" }, { "last_affected": "9.12.0-rc1" } ], "source": [ "CPE_RANGE", "CPE_STRING" ], "cpe": [ "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.11:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:rc1:*:*:*:*:*:*" ] }
Affected versions
v9.*
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.10.0rc2
v9.10.1
v9.10.1b1
v9.10.1b2
v9.10.1rc1
v9.10.1rc2
v9.10.2
v9.10.2b1
v9.10.2rc1
v9.10.2rc2
v9.10.3
v9.10.3b1
v9.10.3rc1
v9.10.4
v9.10.4b1
v9.10.4b2
v9.10.4b3
v9.10.4rc1
v9.10.5
v9.10.5b1
v9.10.5rc1
v9.10.5rc2
v9.10.5rc3
v9.10.6
v9.10.6b1
v9.10.6rc1
v9.10.6rc2
v9.11.0
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.11.1
v9.11.1b1
v9.11.1rc1
v9.11.1rc2
v9.11.1rc3
v9.11.2
v9.11.2b1
v9.11.2rc1
v9.11.2rc2
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.8.0
v9.8.0rc1
v9.8.1b1
v9.8.1rc1
v9.8.2b1
v9.8.2rc1
v9.8.2rc2
v9.8.4b1
v9.8.4rc1
v9.8.5
v9.8.5b1
v9.8.5b2
v9.8.5rc1
v9.8.5rc2
v9.8.6
v9.8.6b1
v9.8.6rc1
v9.8.6rc2
v9.8.7
v9.8.7b1
v9.8.7rc1
v9.8.7rc2
v9.8.8
v9.8.8b1
v9.8.8b2
v9.8.8rc1
v9.8.8rc2
v9.9.0
v9.9.1
v9.9.10
v9.9.10b1
v9.9.10rc1
v9.9.10rc2
v9.9.10rc3
v9.9.11
v9.9.11b1
v9.9.11rc1
v9.9.11rc2
v9.9.2b1
v9.9.2rc1
v9.9.3
v9.9.3b1
v9.9.3b2
v9.9.3rc1
v9.9.3rc2
v9.9.4
v9.9.4b1
v9.9.4rc2
v9.9.5
v9.9.5b1
v9.9.5rc1
v9.9.5rc2
v9.9.6
v9.9.6b1
v9.9.6b2
v9.9.6rc1
v9.9.6rc2
v9.9.7
v9.9.7b1
v9.9.7rc1
v9.9.7rc2
v9.9.8
v9.9.8b1
v9.9.8rc1
v9.9.9
v9.9.9b1
v9.9.9b2
v9.9.9rc1
Git / gitlab.isc.org/isc-projects/bind9
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.isc.org/isc-projects/bind9
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "9.4.0" }, { "last_affected": "9.8.8" }, { "introduced": "9.9.0" }, { "last_affected": "9.9.11" }, { "introduced": "9.10.0" }, { "last_affected": "9.10.6" }, { "introduced": "9.11.0" }, { "last_affected": "9.11.2" }, { "introduced": "0" }, { "last_affected": "9.9.3-s1" }, { "last_affected": "9.9.11-s1" }, { "last_affected": "9.10.5-s1" }, { "last_affected": "9.10.6-s1" }, { "last_affected": "9.12.0-b1" }, { "last_affected": "9.12.0-b2" }, { "last_affected": "9.12.0-rc1" } ], "source": [ "CPE_RANGE", "CPE_STRING" ], "cpe": [ "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.11:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:b1:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:b2:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.12.0:rc1:*:*:*:*:*:*" ] }
Affected versions
v9.*
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.10.0rc2
v9.10.1
v9.10.1b1
v9.10.1b2
v9.10.1rc1
v9.10.1rc2
v9.10.2
v9.10.2b1
v9.10.2rc1
v9.10.2rc2
v9.10.3
v9.10.3b1
v9.10.3rc1
v9.10.4
v9.10.4b1
v9.10.4b2
v9.10.4b3
v9.10.4rc1
v9.10.5
v9.10.5b1
v9.10.5rc1
v9.10.5rc2
v9.10.5rc3
v9.10.6
v9.10.6b1
v9.10.6rc1
v9.10.6rc2
v9.11.0
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.11.1
v9.11.1b1
v9.11.1rc1
v9.11.1rc2
v9.11.1rc3
v9.11.2
v9.11.2b1
v9.11.2rc1
v9.11.2rc2
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.8.0
v9.8.0rc1
v9.8.1b1
v9.8.1rc1
v9.8.2b1
v9.8.2rc1
v9.8.2rc2
v9.8.4b1
v9.8.4rc1
v9.8.5
v9.8.5b1
v9.8.5b2
v9.8.5rc1
v9.8.5rc2
v9.8.6
v9.8.6b1
v9.8.6rc1
v9.8.6rc2
v9.8.7
v9.8.7b1
v9.8.7rc1
v9.8.7rc2
v9.8.8
v9.8.8b1
v9.8.8b2
v9.8.8rc1
v9.8.8rc2
v9.9.0
v9.9.1
v9.9.10
v9.9.10b1
v9.9.10rc1
v9.9.10rc2
v9.9.10rc3
v9.9.11
v9.9.11b1
v9.9.11rc1
v9.9.11rc2
v9.9.2b1
v9.9.2rc1
v9.9.3
v9.9.3b1
v9.9.3b2
v9.9.3rc1
v9.9.3rc2
v9.9.4
v9.9.4b1
v9.9.4rc2
v9.9.5
v9.9.5b1
v9.9.5rc1
v9.9.5rc2
v9.9.6
v9.9.6b1
v9.9.6b2
v9.9.6rc1
v9.9.6rc2
v9.9.7
v9.9.7b1
v9.9.7rc1
v9.9.7rc2
v9.9.8
v9.9.8b1
v9.9.8rc1
v9.9.9
v9.9.9b1
v9.9.9b2
v9.9.9rc1