The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures.

CISA encourages users and administrators to review the following ISC advisories CVE-2022-3094, CVE-2022-3488, CVE-2022-3736, and CVE-2022-3924 and apply the necessary mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

kb.isc.org/v1/docs/cve-2022-3094

kb.isc.org/v1/docs/cve-2022-3488

kb.isc.org/v1/docs/cve-2022-3736

kb.isc.org/v1/docs/cve-2022-3924

thn 1

nessus 27

ubuntu 1

slackware 1

cloudfoundry 1

fedora 4

ibm 9

aix 1

openvas 21

altlinux 1

debian 1

osv 9

almalinux 3

oraclelinux 3

photon 2

redhat 15

debiancve 4

f5 4

prion 4

ubuntucve 4

wolfi 3

cve 4

redhatcve 4

cgr 3

veracode 3

cbl_mariner 6

alpinelinux 3

thn

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

2023-01-28 07:55:00

nessus

EulerOS 2.0 SP11 : bind (EulerOS-SA-2023-1754)

2023-05-08 00:00:00

Fedora 37 : 32:bind / bind-dyndb-ldap (2023-95d98f89a8)

2023-01-30 00:00:00

CentOS 9 : bind-9.16.23-9.el9

2024-02-29 00:00:00

ubuntu

Bind vulnerabilities

2023-01-25 00:00:00

slackware

[slackware-security] bind

2023-01-26 00:41:27

cloudfoundry

USN-5827-1: Bind vulnerabilities | Cloud Foundry

2023-02-24 00:00:00

fedora

[SECURITY] Fedora 37 Update: bind-dyndb-ldap-11.10-10.fc37

2023-01-31 02:02:07

[SECURITY] Fedora 37 Update: bind-9.18.11-1.fc37

2023-01-31 02:02:05

[SECURITY] Fedora 36 Update: bind-dyndb-ldap-11.9-21.fc36

2023-02-06 01:33:56

ibm

Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924)

2023-07-18 16:40:44

Security Bulletin: IBM i DNS is affected by denial of service attacks due to flaws in ISC BIND (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924).

2023-04-13 17:42:26

Security Bulletin: IBM Spectrum Conductor with ISC BIND is vulnerable to a denial of service

2023-10-05 20:12:26

aix

AIX is vulnerable to denial of service due to ISC BIND

2023-07-18 08:40:23

openvas

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-1754)

2023-05-08 00:00:00

Fedora: Security Advisory for bind (FEDORA-2023-a3d608daf4)

2023-02-06 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:0341-1)

2023-02-13 00:00:00

altlinux

Security fix for the ALT Linux 10 package bind version 9.16.37-alt1

2023-02-06 00:00:00

debian

[SECURITY] [DSA 5329-1] bind9 security update

2023-01-26 18:32:16

osv

bind9 vulnerabilities

2023-01-25 17:56:23

bind9 - security update

2023-01-26 00:00:00

Moderate: bind9.16 security and bug fix update

2023-05-16 00:00:00

almalinux

Moderate: bind security and bug fix update

2023-05-09 00:00:00

Moderate: bind9.16 security and bug fix update

2023-05-16 00:00:00

Moderate: bind security update

2023-11-14 00:00:00

oraclelinux

bind security and bug fix update

2023-05-15 00:00:00

bind9.16 security and bug fix update

2023-05-24 00:00:00

bind security update

2023-11-17 00:00:00

photon

Important Photon OS Security Update - PHSA-2023-4.0-0340

2023-02-24 00:00:00

Important Photon OS Security Update - PHSA-2023-3.0-0538

2023-02-26 00:00:00

redhat

(RHSA-2023:2792) Moderate: bind9.16 security and bug fix update

2023-05-16 05:54:46

(RHSA-2023:2261) Moderate: bind security and bug fix update

2023-05-09 05:05:16

(RHSA-2023:7177) Moderate: bind security update

2023-11-14 08:47:03

debiancve

CVE-2022-3488

2023-01-26 21:15:52

CVE-2022-3924

2023-01-26 21:16:03

CVE-2022-3094

2023-01-26 21:15:50

K000132268 : BIND vulnerability CVE-2022-3924

2023-01-27 00:00:00

K000132690 : BIND vulnerability CVE-2022-3488

2023-02-27 00:00:00

K000132266 : BIND vulnerability CVE-2022-3094

2023-01-27 00:00:00

prion

Design/Logic Flaw

2023-01-26 21:15:00

Design/Logic Flaw

2023-01-26 21:16:00

Design/Logic Flaw

2023-01-26 21:15:00

ubuntucve

CVE-2022-3488

2023-01-26 00:00:00

CVE-2022-3924

2023-01-25 00:00:00

CVE-2022-3094

2023-01-25 00:00:00

wolfi

CVE-2022-3924 vulnerabilities

2024-04-27 21:06:10

CVE-2022-3094 vulnerabilities

2024-04-27 21:06:10

CVE-2022-3736 vulnerabilities

2024-04-27 21:06:10

cve

CVE-2022-3924

2023-01-26 21:16:03

CVE-2022-3488

2023-01-26 21:15:52

CVE-2022-3094

2023-01-26 21:15:50

redhatcve

CVE-2022-3924

2023-01-25 16:14:07

CVE-2022-3094

2023-01-25 16:13:48

CVE-2022-3736

2023-01-25 16:13:58

cgr

CVE-2022-3924 vulnerabilities

2024-04-27 21:06:12

CVE-2022-3094 vulnerabilities

2024-04-27 21:06:12

CVE-2022-3736 vulnerabilities

2024-04-27 21:06:12

veracode

Denial Of Service (DoS)

2023-01-29 14:53:16

Denial Of Service (DoS)

2023-01-28 16:49:29

Denial Of Service (DoS)

2023-01-26 20:22:00

cbl_mariner

CVE-2022-3924 affecting package bind 9.16.33-1

2023-03-02 04:18:33

CVE-2022-3924 affecting package bind 9.16.33-2

2023-09-27 18:02:50

CVE-2022-3094 affecting package bind 9.16.33-2

2023-09-27 18:02:50

alpinelinux

CVE-2022-3924

2023-01-26 21:16:03

CVE-2022-3094

2023-01-26 21:15:50

CVE-2022-3736

2023-01-26 21:15:57

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

JSON

Related for CISA:CABACFE9CF5752543E71E36399562DF8