Lucene search

[email protected]CVE-2022-38177

HistorySep 21, 2022 - 11:15 a.m.

CVE-2022-38177

2022-09-2111:15:09

CWE-401

[email protected]

web.nvd.nist.gov

241

cve-2022-38177

spoofing

target resolver

memory leak

named crash

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.2%

JSON

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Affected configurations

NVD

Node

iscbindRange9.8.4–9.16.32-

iscbindMatch9.9.3s1supported_preview

iscbindMatch9.9.12s1supported_preview

iscbindMatch9.9.13s1supported_preview

iscbindMatch9.10.5s1supported_preview

iscbindMatch9.10.7s1supported_preview

iscbindMatch9.11.3s1supported_preview

iscbindMatch9.11.5s3supported_preview

iscbindMatch9.11.5s5supported_preview

iscbindMatch9.11.5s6supported_preview

iscbindMatch9.11.6s1supported_preview

iscbindMatch9.11.7s1supported_preview

iscbindMatch9.11.8s1supported_preview

iscbindMatch9.11.12s1supported_preview

iscbindMatch9.11.14-s1preview

iscbindMatch9.11.19-s1preview

iscbindMatch9.11.21s1supported_preview

iscbindMatch9.11.27s1supported_preview

iscbindMatch9.11.29s1supported_preview

iscbindMatch9.11.35s1supported_preview

iscbindMatch9.11.37s1supported_preview

iscbindMatch9.16.8s1supported_preview

iscbindMatch9.16.11s1supported_preview

iscbindMatch9.16.13s1supported_preview

iscbindMatch9.16.21s1supported_preview

iscbindMatch9.16.32s1supported_preview

Node

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

Node

fedoraprojectfedoraMatch35

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

Node

netappactive_iq_unified_managerMatch-vmware_vsphere

CPENameOperatorVersion
isc:bindisc bindle9.16.32
isc:bindisc bindeq9.9.3
isc:bindisc bindeq9.9.12
isc:bindisc bindeq9.9.13
isc:bindisc bindeq9.10.5
isc:bindisc bindeq9.10.7
isc:bindisc bindeq9.11.3
isc:bindisc bindeq9.11.5
isc:bindisc bindeq9.11.6
isc:bindisc bindeq9.11.7

CPE	Name	Operator	Version
isc:bind	isc bind	le	9.16.32
isc:bind	isc bind	eq	9.9.3
isc:bind	isc bind	eq	9.9.12
isc:bind	isc bind	eq	9.9.13
isc:bind	isc bind	eq	9.10.5
isc:bind	isc bind	eq	9.10.7
isc:bind	isc bind	eq	9.11.3
isc:bind	isc bind	eq	9.11.5
isc:bind	isc bind	eq	9.11.6
isc:bind	isc bind	eq	9.11.7

Rows per page:

1-10 of 231

CNA Affected

[
  {
    "vendor": "ISC",
    "product": "BIND9",
    "versions": [
      {
        "version": "Open Source Branches 9.8 through 9.16 9.8.4 through versions before 9.16.33",
        "status": "affected"
      },
      {
        "version": "Supported Preview Branches 9.9-S through 9.11-S 9.9.4-S1 through versions up to and including 9.11.37-S1",
        "status": "affected"
      },
      {
        "version": "Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.33-S1",
        "status": "affected"
      }
    ]
  }
]