CVE-2018-5735 : What You Need to Know

Learn about CVE-2018-5735 involving a backport of the fix for CVE-2017-3137 in Debian, causing an assertion failure. Find out the impact, affected systems, and mitigation steps.

This CVE involves a backport of the fix for CVE-2017-3137 in Debian, resulting in an assertion failure in validator.c:1858.

Understanding CVE-2018-5735

This CVE affects Debian BIND9 package versions 9.9.5.dfsg-9+deb8u15, 9.9.5.dfsg-9+deb8u18, 9.10.3.dfsg.P4-12.3+deb9u5, and 9.11.5.P4+dfsg-5.1.

What is CVE-2018-5735?

The backport of the fix for CVE-2017-3137 in Debian leads to an assertion failure in validator.c:1858.

The Impact of CVE-2018-5735

        The issue affects the specific Debian BIND9 package versions listed above.
        ISC releases remain unaffected by this problem.
        Similar backports for CVE-2017-3137 in other distributions may also be impacted.

Technical Details of CVE-2018-5735

This section provides more technical insights into the vulnerability.

Vulnerability Description

The backport of the fix for CVE-2017-3137 in Debian causes an assertion failure in validator.c:1858.

Affected Systems and Versions

        Product: BIND9
        Vendor: Debian
        Versions: Debian BIND9 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1

Exploitation Mechanism

        Attack Complexity: Low
        Attack Vector: Network
        Availability Impact: High
        Base Score: 7.5 (High)

Mitigation and Prevention

Here are the steps to mitigate and prevent the CVE-2018-5735 vulnerability.

Immediate Steps to Take

        Update affected Debian BIND9 packages to the patched releases.
        Monitor for any unusual network activity.

Long-Term Security Practices

        Regularly update software and apply security patches.
        Conduct security audits to identify and address vulnerabilities.

Patching and Updates

        Ensure all systems are running the latest patched versions of BIND9.
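
A host-level check for the steps above, as an added example (not code from the original page, Debian or ISC): it compares a bind9 package version against the versions listed on this page and searches syslog text for the validator.c:1858 assertion. The function names, the sample log lines and the assumed "file:line: TYPE(cond) failed" log format are assumptions made for illustration.

```shell
#!/bin/sh
# Added triage example. The version strings and validator.c:1858 come from the page;
# everything else (names, sample log) is constructed for illustration.

# Debian BIND9 package versions the page lists as affected.
AFFECTED_VERSIONS='9.9.5.dfsg-9+deb8u15
9.9.5.dfsg-9+deb8u18
9.10.3.dfsg.P4-12.3+deb9u5
9.11.5.P4+dfsg-5.1'

# Return 0 if the version string is on the affected list.
# A leading epoch such as "1:" (as dpkg may report it) is stripped first.
is_affected_version() {
    ver=${1#*:}
    printf '%s\n' "$AFFECTED_VERSIONS" | grep -Fxq -- "$ver"
}

# Print log lines where named recorded an assertion failure at validator.c:1858.
# Assumption: named logs assertions as "file:line: TYPE(cond) failed".
# Reads the files given as arguments, or stdin when none are given.
find_assertion_hits() {
    grep -E 'named(\[[0-9]+\])?: .*validator\.c:1858: [A-Z]+\(.*\) failed' "$@"
}

count_assertion_hits() {
    find_assertion_hits "$@" | wc -l | tr -d ' '
}

# Constructed sample log: one matching line, two that must not match.
SAMPLE_LOG='Jan 10 03:12:02 ns1 named[812]: validator.c:1858: INSIST(<condition>) failed, back trace
Jan 10 03:12:02 ns1 named[812]: exiting (due to assertion failure)
Jan 10 03:14:40 ns1 named[990]: validator.c:1201: REQUIRE(<condition>) failed, back trace'

# Check the locally installed package, if this is a dpkg-based host.
if command -v dpkg-query >/dev/null 2>&1; then
    installed=$(dpkg-query -W -f='${Version}' bind9 2>/dev/null || true)
    if [ -n "$installed" ] && is_affected_version "$installed"; then
        echo "bind9 $installed is on the affected list: upgrade to a patched release"
    fi
fi

# Demonstrate the log search on the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | find_assertion_hits
```

To search real logs, pass the file paths to `find_assertion_hits` instead of piping the sample; a hit on a host running one of the listed versions means named has aborted and restarts should be reviewed.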
