The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of RHEL 7: assertion error via Bind Debug Log Level

Synthesis of the vulnerability 

An attacker can force an assertion error via Bind Debug Log Level of RHEL 7, in order to trigger a denial of service.
Impacted systems: McAfee Web Gateway, RHEL.
Severity of this alert: 2/4.
Creation date: 30/01/2019.
Références of this alert: CVE-2018-5742, RHBUG-1655844, RHSA-2019:0194-01, SB10278, VIGILANCE-VUL-28403.

Description of the vulnerability 

An attacker can force an assertion error via Bind Debug Log Level of RHEL 7, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This vulnerability impacts software or systems such as McAfee Web Gateway, RHEL.

Our Vigil@nce team determined that the severity of this security announce is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this computer vulnerability note.

Solutions for this threat 

RHEL 7.6: new bind packages.
New packages are available:
  RHEL 7: bind 9.9.4-73.el7_6

McAfee Web Gateway: patch for Third Party.
A patch is indicated in information sources.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computers vulnerabilities patch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.