Description
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
Related CPE's
a
isc
bind
o
debian
debian_linux
o
fedoraproject
fedora
References
http://www.openwall.com/lists/oss-security/2022/09/21/3
https://kb.isc.org/docs/cve-2022-2795
https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html
https://security.gentoo.org/glsa/202210-25
https://www.debian.org/security/2022/dsa-5235
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2022-09-21T11:15:09.470
2 years agoLast modified
2023-11-07T03:46:53.600
1 year ago