Published: 21/09/2022 Updated: 25/09/2022
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

Vulnerability Summary

It exists that Bind incorrectly handled memory when processing certain Diffie-Hellman key exchanges. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2906)

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 9.16.21

isc bind

isc bind 9.16.32

isc bind 9.16.14

Vendor Advisories

Description<!----> A flaw was found in the Bind package, where the resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to 0 and there is a stale CNAME in the cache for an incoming query By sending specific queries to the resolver, an attacker can cause named to crash A flaw wa ...
Several security issues were fixed in Bind ...
Several vulnerabilities were discovered in BIND, a DNS server implementation CVE-2022-2795 Yehuda Afek, Anat Bremler-Barr and Shani Stajnrod discovered that a flaw in the resolver code can cause named to spend excessive amounts of time on processing large delegations, significantly degrade resolver performance and result in denial ...