ISC Provides Patch For BIND Deadlock Flaw

The Internet Systems Consortium has released a patch for a critical flaw discovered in the BIND domain name services software that could allow hackers to put the system in a deadlock.

The flaw, which could crash the systems running the vulnerable version of the software, allows anyone with nefarious intentions to put BIND in a deadlock and stop it from processing DNS requests.

More particularly, the flaw exists in the authoritative name servers that could crash the system while processing incremental zone transfer (IXFR) updates.

According to an advisory released by the ISC, the IXFR updates deal with the changes in the DNS records. The update contains information on only the changed DNS accounts to save bandwidth.

“When an authoritative server processes a successful IXFR transfer or a dynamic update, there is a small window of time during which the IXFR/update coupled with a query may cause a deadlock to occur,” the ISC said.