upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-26 11:22:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
bind9/lib/dns/include/dst
History
Ondřej Surý 9bdace3fa3
Fix GSS-API context leak in TKEY negotiation 
Reject multi-round GSS-API negotiation (GSS_S_CONTINUE_NEEDED) in
dst_gssapi_acceptctx().  Each call to gss_accept_sec_context()
allocates a context inside the GSS library; without this fix, the
context handle was passed back to process_gsstkey() which did not
store it persistently, leaking it on every incomplete negotiation.

An unauthenticated attacker could exhaust server memory by sending
repeated TKEY queries with GSSAPI tokens, each leaking one GSS
context.  The leaked memory is allocated by the GSS library via
malloc(), bypassing BIND's memory accounting.

In practice, Kerberos/SPNEGO (the only mechanism used with BIND)
completes in a single round, so rejecting continuation does not
affect real-world deployments.  See RFC 3645 Section 4.1.3.

(cherry picked from commit 3d8e0d068f08694282c5ecd3bd6c332de6c75485)
2026-05-07 13:09:18 +02:00
..
dst.h Minor refactor of dst code 2025-10-01 12:26:40 +00:00
gssapi.h Fix GSS-API context leak in TKEY negotiation 2026-05-07 13:09:18 +02:00