CVE-2022-3924

CVE-2022-3924

Name

CVE-2022-3924

Description

This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://kb.isc.org/docs/cve-2022-3924

Type

URI

MISC

https://kb.isc.org/docs/cve-2022-3924

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:isc:bind:9.16.13:s1:::supported_preview:::*`	bind	== None	== 9.16.13
`cpe:2.3:a:isc:bind:9.16.21:s1:::supported_preview:::*`	bind	== None	== 9.16.21
`cpe:2.3:a:isc:bind:9.16.32:s1:::supported_preview:::*`	bind	== None	== 9.16.32
`cpe:2.3:a:isc:bind:9.16.14:s1:::supported_preview:::*`	bind	== None	== 9.16.14
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.19.0	< 9.19.9
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.18.0	< 9.18.11
`cpe:2.3:a:isc:bind:9.16.36:s1:::supported_preview:::*`	bind	== None	== 9.16.36
`cpe:2.3:a:isc:bind:::::-:::*`	bind	>= 9.16.12	< 9.16.37
`cpe:2.3:a:isc:bind:9.16.12:s1:::supported_preview:::*`	bind	== None	== 9.16.12

CPE URI

Source package

Min version

Max version

cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.13

cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.21

cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.32

cpe:2.3:a:isc:bind:9.16.14:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.14

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.19.0

< 9.19.9

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.18.0

< 9.18.11

cpe:2.3:a:isc:bind:9.16.36:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.36

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*

bind

>= 9.16.12

< 9.16.37

cpe:2.3:a:isc:bind:9.16.12:s1:*:*:supported_preview:*:*:*

bind

== None

== 9.16.12

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
bind	edge-main	9.18.11-r0	Mike Crute <mike@crute.us>	fixed
bind	edge-main	9.18.10-r0	None	possibly vulnerable
bind	edge-main	9.18.9-r0	None	possibly vulnerable
bind	edge-main	9.18.8-r0	None	possibly vulnerable
bind	edge-main	9.18.7-r0	None	possibly vulnerable
bind	edge-main	9.18.5-r0	None	possibly vulnerable
bind	edge-main	9.18.4-r3	None	possibly vulnerable
bind	edge-main	9.18.4-r2	None	possibly vulnerable
bind	edge-main	9.18.3-r2	None	possibly vulnerable
bind	edge-main	9.18.3-r1	None	possibly vulnerable
bind	edge-main	9.18.3-r0	None	possibly vulnerable
bind	edge-main	9.16.29-r0	None	possibly vulnerable
bind	edge-main	9.16.28-r0	None	possibly vulnerable
bind	edge-main	9.16.27-r0	None	possibly vulnerable
bind	edge-main	9.16.25-r0	None	possibly vulnerable
bind	edge-main	9.16.24-r0	None	possibly vulnerable
bind	edge-main	9.16.22-r5	None	possibly vulnerable
bind	edge-main	9.16.22-r4	None	possibly vulnerable
bind	edge-main	9.16.22-r0	None	possibly vulnerable
bind	edge-main	9.16.20-r4	None	possibly vulnerable
bind	edge-main	9.16.20-r3	None	possibly vulnerable
bind	edge-main	9.16.20-r2	None	possibly vulnerable
bind	edge-main	9.16.20-r1	None	possibly vulnerable
bind	edge-main	9.16.20-r0	None	possibly vulnerable
bind	edge-main	9.16.19-r0	None	possibly vulnerable
bind	edge-main	9.16.18-r3	None	possibly vulnerable
bind	edge-main	9.16.18-r2	None	possibly vulnerable
bind	edge-main	9.16.15-r0	None	possibly vulnerable
bind	3.22-main	9.18.11-r0	None	fixed
bind	3.22-main	9.18.7-r0	None	possibly vulnerable
bind	3.22-main	9.16.27-r0	None	possibly vulnerable
bind	3.22-main	9.16.22-r0	None	possibly vulnerable
bind	3.22-main	9.16.20-r0	None	possibly vulnerable
bind	3.22-main	9.16.15-r0	None	possibly vulnerable
bind	3.21-main	9.18.11-r0	None	fixed
bind	3.21-main	9.18.7-r0	None	possibly vulnerable
bind	3.21-main	9.16.27-r0	None	possibly vulnerable
bind	3.21-main	9.16.22-r0	None	possibly vulnerable
bind	3.21-main	9.16.20-r0	None	possibly vulnerable
bind	3.21-main	9.16.15-r0	None	possibly vulnerable
bind	3.20-main	9.18.11-r0	None	fixed
bind	3.20-main	9.18.7-r0	None	possibly vulnerable
bind	3.20-main	9.16.27-r0	None	possibly vulnerable
bind	3.20-main	9.16.22-r0	None	possibly vulnerable
bind	3.20-main	9.16.20-r0	None	possibly vulnerable
bind	3.20-main	9.16.15-r0	None	possibly vulnerable
bind	3.19-main	9.18.11-r0	None	fixed
bind	3.19-main	9.18.7-r0	None	possibly vulnerable
bind	3.19-main	9.16.27-r0	None	possibly vulnerable
bind	3.19-main	9.16.22-r0	None	possibly vulnerable
bind	3.19-main	9.16.20-r0	None	possibly vulnerable
bind	3.19-main	9.16.15-r0	None	possibly vulnerable
bind	3.18-main	9.18.11-r0	None	fixed
bind	3.17-main	9.18.11-r0	None	fixed

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages