{"id":"CVE-2017-3135","details":"Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1.","modified":"2026-07-08T05:48:43.672443729Z","published":"2019-01-16T20:29:00.283Z","related":["SUSE-SU-2017:0594-1","SUSE-SU-2017:0595-1","SUSE-SU-2017:0596-1","openSUSE-SU-2024:10650-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_STRING","extracted_events":[{"introduced":"8.0"},{"last_affected":"8.0"},{"introduced":"9.0"},{"last_affected":"9.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux"},{"source":"CPE_STRING","extracted_events":[{"introduced":"9.9.9-s7"},{"last_affected":"9.9.9-s7"},{"introduced":"9.9.9-s7"},{"last_affected":"9.9.9-s7"},{"introduced":"9.9.10-beta1"},{"last_affected":"9.9.10-beta1"},{"introduced":"9.9.10-beta1"},{"last_affected":"9.9.10-beta1"},{"introduced":"9.10.5-beta1"},{"last_affected":"9.10.5-beta1"},{"introduced":"9.10.5-beta1"},{"last_affected":"9.10.5-beta1"},{"introduced":"9.11.1-beta1"},{"last_affected":"9.11.1-beta1"},{"introduced":"9.11.1-beta1"},{"last_affected":"9.11.1-beta1"}],"vendor_product":"isc:bind","cpes":["cpe:2.3:a:isc:bind:9.10.5:beta1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*"]},{"source":"CPE_STRING","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"vendor_product":"redhat:enterprise_linux_desktop","cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"]},{"source":"CPE_STRING","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"vendor_product":"redhat:enterprise_linux_server","cpes":["cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"]},{"extracted_events":[{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.4"},{"last_affected":"7.4"},{"introduced":"7.6"},{"last_affected":"7.6"}],"source":"CPE_STRING","cpes":["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_aus"},{"extracted_events":[{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.4"},{"last_affected":"7.4"},{"introduced":"7.5"},{"last_affected":"7.5"},{"introduced":"7.6"},{"last_affected":"7.6"}],"source":"CPE_STRING","cpes":["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_eus"},{"extracted_events":[{"introduced":"7.3"},{"last_affected":"7.3"},{"introduced":"7.6"},{"last_affected":"7.6"}],"source":"CPE_STRING","cpes":["cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server_tus"},{"source":"CPE_STRING","extracted_events":[{"introduced":"7.0"},{"last_affected":"7.0"}],"vendor_product":"redhat:enterprise_linux_workstation","cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0276.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/96150"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037801"},{"type":"ADVISORY","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us"},{"type":"ADVISORY","url":"https://kb.isc.org/docs/aa-01453"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201708-01"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180926-0005/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3795"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/isc-projects/bind9","events":[{"introduced":"d281b39456519db31c6213d010d30d99df8cf852"},{"last_affected":"111ec860a840d09dbd0551044e5fdc37d546c6b6"}],"database_specific":{"source":"CPE_STRING","extracted_events":[{"introduced":"9.9.3"},{"last_affected":"9.9.3"},{"introduced":"9.9.3-s1"},{"last_affected":"9.9.3-s1"},{"introduced":"9.9.8"},{"last_affected":"9.9.8"},{"introduced":"9.9.9-p5"},{"last_affected":"9.9.9-p5"},{"introduced":"9.10.0"},{"last_affected":"9.10.0"},{"introduced":"9.10.4-p1"},{"last_affected":"9.10.4-p1"},{"introduced":"9.10.4-p2"},{"last_affected":"9.10.4-p2"},{"introduced":"9.10.4-p3"},{"last_affected":"9.10.4-p3"},{"introduced":"9.10.4-p4"},{"last_affected":"9.10.4-p4"},{"introduced":"9.10.4-p5"},{"last_affected":"9.10.4-p5"},{"introduced":"9.11.0"},{"last_affected":"9.11.0"},{"introduced":"9.11.0-p1"},{"last_affected":"9.11.0-p1"},{"introduced":"9.11.0-p2"},{"last_affected":"9.11.0-p2"}],"cpe":["cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*"]}}],"versions":["9.10.0","9.10.4-p1","9.10.4-p2","9.10.4-p3","9.10.4-p4","9.10.4-p5","9.11.0","9.11.0-p1","9.11.0-p2","9.9.3","9.9.3-s1","9.9.8","9.9.9-p5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3135.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"d281b39456519db31c6213d010d30d99df8cf852"},{"last_affected":"111ec860a840d09dbd0551044e5fdc37d546c6b6"}],"database_specific":{"source":"CPE_STRING","extracted_events":[{"introduced":"9.9.3"},{"last_affected":"9.9.3"},{"introduced":"9.9.3-s1"},{"last_affected":"9.9.3-s1"},{"introduced":"9.9.8"},{"last_affected":"9.9.8"},{"introduced":"9.9.9-p5"},{"last_affected":"9.9.9-p5"},{"introduced":"9.10.0"},{"last_affected":"9.10.0"},{"introduced":"9.10.4-p1"},{"last_affected":"9.10.4-p1"},{"introduced":"9.10.4-p2"},{"last_affected":"9.10.4-p2"},{"introduced":"9.10.4-p3"},{"last_affected":"9.10.4-p3"},{"introduced":"9.10.4-p4"},{"last_affected":"9.10.4-p4"},{"introduced":"9.10.4-p5"},{"last_affected":"9.10.4-p5"},{"introduced":"9.11.0"},{"last_affected":"9.11.0"},{"introduced":"9.11.0-p1"},{"last_affected":"9.11.0-p1"},{"introduced":"9.11.0-p2"},{"last_affected":"9.11.0-p2"}],"cpe":["cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*"]}}],"versions":["9.10.0","9.10.4-p1","9.10.4-p2","9.10.4-p3","9.10.4-p4","9.10.4-p5","9.11.0","9.11.0-p1","9.11.0-p2","9.9.3","9.9.3-s1","9.9.8","9.9.9-p5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3135.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}