Lucene search
OracleLinuxELSA-2023-2792HistoryMay 24, 2023 - 12:00 a.m.
bind9.16 security and bug fix update
2023-05-2400:00:00
linux.oracle.com
22
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
52.6%
[32:9.16.23-0.14]
- Handle subtle difference between upstream and rhel (CVE-2022-3094)
[32:9.16.23-0.13] - Prevent flooding with UPDATE requests (CVE-2022-3094)
- Handle RRSIG queries when server-stale is active (CVE-2022-3736)
- Fix crash when soft-quota is reached and serve-stale is active (CVE-2022-3924)
[32:9.16.23-0.12] - Include bind9.16-dnssec-utils in public repository (#2115322)
[32:9.16.23-0.11] - Bound the amount of work performed for delegations (CVE-2022-2795)
[32:9.16.23-0.10] - Fix possible serve-stale related crash (CVE-2022-3080)
- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
- Fix memory leak in EdDSA verify processing (CVE-2022-38178)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | bind9.16 | < 9.16.23-0.14.el8 | bind9.16-9.16.23-0.14.el8.src.rpm |
| oracle linux | 8 | aarch64 | bind9.16 | < 9.16.23-0.14.el8 | bind9.16-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | bind9.16-chroot | < 9.16.23-0.14.el8 | bind9.16-chroot-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | bind9.16-devel | < 9.16.23-0.14.el8 | bind9.16-devel-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | bind9.16-dnssec-utils | < 9.16.23-0.14.el8 | bind9.16-dnssec-utils-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | noarch | bind9.16-doc | < 9.16.23-0.14.el8 | bind9.16-doc-9.16.23-0.14.el8.noarch.rpm |
| oracle linux | 8 | aarch64 | bind9.16-libs | < 9.16.23-0.14.el8 | bind9.16-libs-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | noarch | bind9.16-license | < 9.16.23-0.14.el8 | bind9.16-license-9.16.23-0.14.el8.noarch.rpm |
| oracle linux | 8 | aarch64 | bind9.16-utils | < 9.16.23-0.14.el8 | bind9.16-utils-9.16.23-0.14.el8.aarch64.rpm |
| oracle linux | 8 | noarch | python3-bind9.16 | < 9.16.23-0.14.el8 | python3-bind9.16-9.16.23-0.14.el8.noarch.rpm |
Related
almalinux
almalinux
Moderate: bind security and bug fix update
2023-05-09 00:00:00
Moderate: bind9.16 security and bug fix update
2023-05-16 00:00:00
Moderate: bind security update
2023-11-14 00:00:00
redhat
redhat
(RHSA-2023:2261) Moderate: bind security and bug fix update
2023-05-09 05:05:16
(RHSA-2023:2792) Moderate: bind9.16 security and bug fix update
2023-05-16 05:54:46
(RHSA-2023:7177) Moderate: bind security update
2023-11-14 08:47:03
osv
osv
Moderate: bind security and bug fix update
2023-05-09 00:00:00
Moderate: bind9.16 security and bug fix update
2023-05-16 00:00:00
bind9 - security update
2023-01-26 00:00:00
nessus
nessus
RHEL 8 : bind9.16 (RHSA-2023:2792)
2023-05-16 00:00:00
RHEL 9 : bind (RHSA-2023:2261)
2023-05-12 00:00:00
Oracle Linux 8 : bind9.16 (ELSA-2023-2792)
2023-05-24 00:00:00
oraclelinux
oraclelinux
bind security and bug fix update
2023-05-15 00:00:00
bind security update
2023-11-17 00:00:00
bind security and bug fix update
2023-05-24 00:00:00
ubuntu
ubuntu
Bind vulnerabilities
2023-01-25 00:00:00
Bind vulnerabilities
2022-09-21 00:00:00
slackware
slackware
[slackware-security] bind
2023-01-26 00:41:27
cloudfoundry
cloudfoundry
USN-5827-1: Bind vulnerabilities | Cloud Foundry
2023-02-24 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: bind-dyndb-ldap-11.10-10.fc37
2023-01-31 02:02:07
[SECURITY] Fedora 36 Update: bind-9.16.37-1.fc36
2023-02-06 01:33:54
[SECURITY] Fedora 36 Update: bind-dyndb-ldap-11.9-21.fc36
2023-02-06 01:33:56
ibm
ibm
Security Bulletin: IBM i DNS is affected by denial of service attacks due to flaws in ISC BIND (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924).
2023-04-13 17:42:26
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924)
2023-07-18 16:40:44
Security Bulletin: Vulnerability in bind (CVE-2022-2795) affects Power HMC
2023-12-11 13:00:05
openvas
openvas
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-95d98f89a8)
2023-02-01 00:00:00
openSUSE: Security Advisory for bind (SUSE-SU-2023:0341-1)
2024-03-04 00:00:00
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-a3d608daf4)
2023-02-06 00:00:00
aix
aix
AIX is vulnerable to denial of service due to ISC BIND
2023-07-18 08:40:23
debian
debian
[SECURITY] [DSA 5329-1] bind9 security update
2023-01-26 18:32:16
altlinux
altlinux
Security fix for the ALT Linux 10 package bind version 9.16.37-alt1
2023-02-06 00:00:00
thn
thn
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
2023-01-28 07:55:00
cisa
cisa
ISC Releases Security Advisories for Multiple Versions of BIND 9
2023-01-27 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0340
2023-02-24 00:00:00
f5
f5
K000132268 : BIND vulnerability CVE-2022-3924
2023-01-27 00:00:00
K000132266 : BIND vulnerability CVE-2022-3094
2023-01-27 00:00:00
K11742512 : BIND vulnerability CVE-2022-2795
2022-11-28 00:00:00
cve
cve
wolfi
wolfi
CVE-2022-3924 vulnerabilities
2024-04-26 09:06:29
CVE-2022-3094 vulnerabilities
2024-04-26 09:06:29
CVE-2022-3736 vulnerabilities
2024-04-26 09:06:29
prion
prion
Design/Logic Flaw
2023-01-26 21:16:00
Design/Logic Flaw
2023-01-26 21:15:00
Integer overflow
2023-01-26 21:15:00
cgr
cgr
CVE-2022-3924 vulnerabilities
2024-04-26 03:19:48
CVE-2022-3094 vulnerabilities
2024-04-26 03:19:48
CVE-2022-3736 vulnerabilities
2024-04-26 03:19:48
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2023-01-29 14:53:16
Denial Of Service (DoS)
2023-01-28 16:49:29
Denial Of Service (DoS)
2022-09-24 12:47:45
cbl_mariner
cbl_mariner
CVE-2022-3924 affecting package bind 9.16.33-2
2023-09-27 18:02:50
CVE-2022-3924 affecting package bind 9.16.33-1
2023-03-02 04:18:33
CVE-2022-3094 affecting package bind 9.16.33-2
2023-09-27 18:02:50
debiancve
debiancve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
cloudlinux
cloudlinux
Fixed CVE-2022-2795 in bind
2022-09-29 18:36:52
centos
centos
bind security update
2023-01-30 16:40:47
rosalinux
rosalinux
Advisory ROSA-SA-2023-2121
2023-02-21 09:45:24
suse
suse
Security update for bind (important)
2022-10-21 00:00:00
Security update for bind (important)
2022-10-25 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
52.6%
Related for ELSA-2023-2792