CVE-2022-2795

Description

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

Related CPE's

aiscbind9.11.7s1**supported_preview***

aiscbind9.11.3s1**supported_preview***

aiscbind9.11.6s1**supported_preview***

aiscbind9.10.5s1**supported_preview***

aiscbind9.11.5s5**supported_preview***

aiscbind9.11.5s3**supported_preview***

aiscbind9.9.3s1**supported_preview***

aiscbind9.11.5s3***supported_preview**

aiscbind9.9.3s1***supported_preview**

aiscbind9.10.7s1**supported_preview***

References

https://kb.isc.org/docs/cve-2022-2795

PatchVendor Advisory

[oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)

Mailing ListPatchThird Party Advisory

DSA-5235

Third Party Advisory

FEDORA-2022-ef038365de

Mailing ListThird Party Advisory

FEDORA-2022-8268735e06

Mailing ListThird Party Advisory

FEDORA-2022-b197d64471

Mailing ListThird Party Advisory

[debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io