CVE-2019-6476 Explained : Impact and Mitigation

CVE-2019-6476, published on October 16, 2019, addresses an error in the QNAME minimization code in BIND versions 9.14.0 up to 9.14.6 and 9.15.0 up to 9.15.4. This vulnerability can cause BIND to exit with an assertion failure when a forwarder returns a referral instead of resolving the query.

Understanding CVE-2019-6476

This CVE highlights a specific issue in BIND that can lead to service denial under certain conditions.

What is CVE-2019-6476?

The vulnerability in the QNAME minimization code of BIND can trigger an assertion failure, impacting the program's functionality and potentially denying service to clients.

The Impact of CVE-2019-6476

The vulnerability can be exploited by an attacker to cause named to exit, resulting in service disruption for clients relying on the affected BIND versions.

Technical Details of CVE-2019-6476

This section provides a deeper look into the technical aspects of the vulnerability.

Vulnerability Description

The defect in the QNAME minimization code can lead to an assertion failure in BIND, affecting versions 9.14.0 up to 9.14.6 and 9.15.0 up to 9.15.4.

Affected Systems and Versions

Product: BIND 9
Vendor: ISC
Versions: 9.14.0 up to 9.14.6, 9.15.0 up to 9.15.4

Exploitation Mechanism

An attacker can deliberately trigger the condition on a server performing recursion, causing named to exit and denying service to clients.

Mitigation and Prevention

To address CVE-2019-6476, immediate steps and long-term security practices are recommended.

Immediate Steps to Take

Upgrade to the patched release closest to your current BIND version: BIND 9.14.7 or BIND 9.15.5
Consider disabling QNAME minimization to mitigate the vulnerability

Long-Term Security Practices

Regularly update BIND to the latest versions to ensure security patches are applied
Implement network security measures to detect and prevent potential attacks

Patching and Updates

Stay informed about security advisories and promptly apply patches to keep your systems secure.