CVE-2018-5737

Name of the Vulnerable Software and Affected Versions: BIND 9.12 versions 9.12.0 through 9.12.1

Description: The issue is related to the implementation of the serve-stale feature in BIND 9, which can cause an assertion failure. Interaction with NSEC aggressive negative caching can lead to undesirable behavior, such as recursion loops or excessive logging. This could result in operational problems, including degradation or denial of service.

Recommendations: For BIND 9.12 versions 9.12.0 through 9.12.1, consider disabling the serve-stale feature as a temporary workaround to minimize the risk of exploitation. Restrict access to the rbtdb.c module to prevent potential assertion failures. Avoid using NSEC aggressive negative caching in conjunction with the serve-stale feature until the issue is resolved.