BIND 9 Resolver crashes after logging an error in query.c.
Multiple version of BIND 9. Specific versions under investigation
A remote server can cause the target connected client to crash. Organizations across the Internet are reporting crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crash after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))" Multiple versions are reported as being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and working to produce patches which avoid the crash.
A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error when processing recursive queries. No further information is currently available.
NOTE: The vulnerability is currently being actively exploited.
The vulnerability is reported in version 9.x.
Restrict access to trusted hosts (a workaround patch is under investigation - a workaround patch is currently being tested.)