CVE-2022-2795

Name
CVE-2022-2795
Description
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://kb.isc.org/docs/cve-2022-2795
mailing-list http://www.openwall.com/lists/oss-security/2022/09/21/3
vendor-advisory https://www.debian.org/security/2022/dsa-5235
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/
mailing-list https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html
vendor-advisory https://security.gentoo.org/glsa/202210-25
vendor-advisory https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
vendor-advisory https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
vendor-advisory https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/

Match rules

CPE URI Source package Min version Max version
bind9 == Open Source Branches 9.0 through 9.16 9.0.0 through versions before 9.16.33 == Open Source Branches 9.0 through 9.16 9.0.0 through versions before 9.16.33
bind9 == Open Source Branch 9.18 9.18.0 through versions before 9.18.7 == Open Source Branch 9.18 9.18.0 through versions before 9.18.7
bind9 == Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions up to and including 9.11.37-S1 == Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions up to and including 9.11.37-S1
bind9 == Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.33-S1 == Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.33-S1
bind9 == Development Branch 9.19 9.19.0 through versions before 9.19.5 == Development Branch 9.19 9.19.0 through versions before 9.19.5

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
bind 3.13-main 9.16.33-r0 None fixed