CVE-2018-5734

Name of the Vulnerable Software and Affected Versions: BIND versions 9.10.5-S1 through 9.10.5-S4 BIND versions 9.10.6-S1 through 9.10.6-S2

Description: The issue arises when BIND handles a specific type of malformed packet, incorrectly selecting a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request lacks expected information.

Recommendations: For BIND versions 9.10.5-S1 through 9.10.5-S4, consider disabling the SERVFAIL cache feature as a temporary workaround until a patch is available. For BIND versions 9.10.6-S1 through 9.10.6-S2, consider disabling the SERVFAIL cache feature as a temporary workaround until a patch is available.