Multiple vulnerabilities have been found in the ISC BIND software. A remote attacker could send a specially crafted query requesting a record with a malformed class attribute to trigger a REQUIRE assertion failure, causing a denial-of-service condition. In addition, a flaw was found that can cause BIND to exit after encountering an INSIST assertion failure.
Both authoritative and recursive name servers are vulnerable to these problems.
Successful exploitation could lead to a denial of service (DoS) condition on an affected system.
Internet Systems Consortium (ISC) has released the following patches to solve the problems:
Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk.
https://kb.isc.org/article/AA-01317
https://kb.isc.org/article/AA-01319
https://www.us-cert.gov/ncas/current-activity/2015/12/15/Internet-Systems-Consortium-ISC-Releases-Security-Updates-BIND
https://www.hkcert.org/my_url/en/alert/15121602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461