=====================================================================

                               CERT-Renater

                     Note d'Information No. 2022/VULN186

_____________________________________________________________________

DATE                : 25/05/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running ISC BIND versions prior to 9.18.3,
                                             9.19.1.

=====================================================================
https://kb.isc.org/docs/cve-2022-1183
_____________________________________________________________________

CVE-2022-1183: Destroying a TLS session early causes assertion failure

     Updated on 18 May 2022

CVE: CVE-2022-1183

Document version: 2.0

Posting date: 18 May 2022

Program impacted: BIND

Versions affected: BIND 9.18.0 -> 9.18.2 and 9.19.0 of the BIND 9.19 
development branch

Severity: High

Exploitable: Remotely


Description:

An assertion failure can be triggered if a TLS connection to a 
configured http TLS listener with a defined endpoint is destroyed too early.


Impact:

On vulnerable configurations, the named daemon may, in some 
circumstances, terminate with an assertion failure. Vulnerable 
configurations are those that include a reference to http within the 
listen-on statements in their named.conf. TLS is used by both DNS over 
TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone 
are unaffected.


CVSS Score: 7.0

CVSS Vector: CVSS v3.1 Vector: 
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C

For more information on the Common Vulnerability Scoring System and to 
obtain your specific environmental score please visit: 
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C&version=3.1.


Workarounds:

No workarounds known.


Active exploits:

We are not aware of any active exploits.


Solution:

Upgrade to the patched release most closely related to your current 
version of BIND:

     BIND 9.18.3 (Current Stable)
     BIND 9.19.1 (Development)

Acknowledgments: ISC would like to thank Thomas Amgarten from arcade 
solutions ag for for discovering and reporting this issue.


Document revision history:

1.0 Early Notification, 11 May 2022
2.0 Public disclosure, 18 May 2022

Related documents:

See our BIND 9 Security Vulnerability Matrix for a complete listing of 
security vulnerabilities and versions affected.

Do you still have questions? Questions regarding this advisory should go 
to security-officer@isc.org. To report a new issue, please encrypt your 
message using security-officer@isc.org's PGP key which can be found 
here: https://www.isc.org/pgpkey/. If you are unable to use encrypted 
email, you may also report new issues at: https://www.isc.org/reportbug/.


Note:

ISC patches only currently supported versions. When possible we indicate 
EOL versions affected. (For current information on which versions are 
actively supported, please see https://www.isc.org/download/.)


ISC Security Vulnerability Disclosure Policy:

Details of our current security advisory policy and practice can be 
found in the ISC Software Defect and Security Vulnerability Disclosure 
Policy at https://kb.isc.org/docs/aa-00861.

The Knowledgebase article https://kb.isc.org/docs/cve-2022-1183 is the 
complete and official security advisory document.


Legal Disclaimer:

Internet Systems Consortium (ISC) is providing this notice on an "AS IS" 
basis. No warranty or guarantee of any kind is expressed in this notice 
and none should be implied. ISC expressly excludes and disclaims any 
warranties regarding this notice or materials referred to in this 
notice, including, without limitation, any implied warranty of 
merchantability, fitness for a particular purpose, absence of hidden 
defects, or of non-infringement. Your use or reliance on this notice or 
materials referred to in this notice is at your own risk. ISC may change 
this notice at any time. A stand-alone copy or paraphrase of the text of 
this document that omits the document URL is an uncontrolled copy. 
Uncontrolled copies may lack important information, be out of date, or 
contain factual errors.



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================