EUVD-2022-40774

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

An attacker can exploit malformed EdDSA signatures to induce memory leaks and crashes in named.

Reporter	Title	Published	Views	Family All 264
IBM Security Bulletins	Security Bulletin: IBM Robotic Process Automation for Cloud Pak may be vulnerable to a denial of service due to ISC BIND (CVE-2022-38177, CVE-2022-38178).	8 Mar 202320:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in bind affects IBM Integrated Analytics System [CVE-2022-38178]	3 Jan 202310:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes multiple components with known vulnerabilities	13 Feb 202313:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	26 Mar 202503:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in base image packages affect IBM Voice Gateway	1 Nov 202216:02	–	ibm
IBM Security Bulletins	Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service due to memory leaks and a flaw in resolver code (CVE-2022-2795, CVE-2022-38177, CVE-2022-38178)	28 Nov 202220:43	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795)	16 Jan 202418:36	–	ibm
Tenable Nessus	AIX 7.1 TL 5 : bind (IJ44422)	27 Dec 202200:00	–	nessus
Tenable Nessus	AIX 7.2 TL 5 : bind (IJ44425)	27 Dec 202200:00	–	nessus
Tenable Nessus	AIX 7.2 TL 5 : bind (IJ44426) (deprecated)	27 Dec 202200:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "91055f70-e48c-3779-98d3-2e41af5069b9",
        "vendor": {
          "name": "ISC"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06449349-40b4-3456-a8d9-e41b4885eb56",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Open Source Branches 9.11 through 9.16 9.11.3 through versions before 9.16.33"
      },
      {
        "id": "0cb204fb-4025-385c-bbc1-2864a2935ce1",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Supported Preview Branch 9.11-S 9.11.4-S1 through versions up to and including 9.11.37-S1"
      },
      {
        "id": "57e972aa-add6-3f91-90ea-a264e9ee2f34",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Open Source Branch 9.10 9.10.7 through versions up to and including 9.10.8"
      },
      {
        "id": "597c59ac-b196-3402-834b-4a97cda7ae2d",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.33-S1"
      },
      {
        "id": "adc8abf3-4cfe-340d-88cc-829fd9ea2b68",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Open Source Branch 9.18 9.18.0 through versions before 9.18.7"
      },
      {
        "id": "d0b1fa88-2191-3c2b-898a-e4de435d421d",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Development Branch 9.19 9.19.0 through versions before 9.19.5"
      },
      {
        "id": "ee5bada1-d0da-38d6-8bd8-7677fead16f6",
        "product": {
          "name": "BIND9"
        },
        "product_version": "Open Source Branch 9.9 9.9.12 through versions up to and including 9.9.13"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2022/dsa-5235
advisories	www.advisories.mageia.org/CVE-2022-38178.html
access	www.access.redhat.com/errata/RHSA-2022:6763
access	www.access.redhat.com/errata/RHSA-2022:6764
access	www.access.redhat.com/errata/RHSA-2022:6765
access	www.access.redhat.com/errata/RHSA-2022:6778
access	www.access.redhat.com/errata/RHSA-2022:6779
access	www.access.redhat.com/errata/RHSA-2022:6780
access	www.access.redhat.com/errata/RHSA-2022:6781
access	www.access.redhat.com/errata/RHSA-2022:8598

03 Oct 2025 20:07Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.5

EPSS0.01421

SSVC