Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2022-3094

Published: 26/01/2023 Updated: 07/11/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Isc

Vulnerability Summary

Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and previous versions branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 up to and including 9.16.36, 9.18.0 up to and including 9.18.10, 9.19.0 up to and including 9.19.8, and 9.16.8-S1 up to and including 9.16.36-S1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 9.16.8

isc bind 9.16.11

isc bind 9.16.13

isc bind 9.16.21

isc bind 9.16.32

isc bind 9.16.14

isc bind

isc bind 9.16.36

Vendor Advisories

Ubuntu Security Notice: USN-5827-1: Bind vulnerabilities
Several security issues were fixed in Bind ...
Debian Security Advisories: DSA-5329-1 bind9 -- security update
Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service against named For the stable distribution (bullseye), these problems have been fixed in version 1:91637-1~deb11u1 We recommend that you upgrade your bind9 packages For the detailed security status of bind9 please refer to its sec ...
Red Hat: Moderate: bind9.16 security and bug fix update
Synopsis Moderate: bind916 security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for bind916 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update ...
Red Hat: Important: ACS 4.1 enhancement update
Synopsis Important: ACS 41 enhancement update Type/Severity Security Advisory: Important Topic Updated images are now available for Red Hat Advanced Cluster Security 416 The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System ( ...
Red Hat: Moderate: bind security and bug fix update
Synopsis Moderate: bind security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for bind is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as havin ...
Red Hat: Important: RHACS 3.74 enhancement and security update
Synopsis Important: RHACS 374 enhancement and security update Type/Severity Security Advisory: Important Topic Updated images are now available for Red Hat Advanced Cluster Security 374 The updated images includes bug and security fixesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Red Hat: Important: OpenShift Virtualization 4.12.9 Images security and bug fix update
Synopsis Important: OpenShift Virtualization 4129 Images security and bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4129 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...
Red Hat: Important: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update
Synopsis Important: Red Hat Single Sign-On 766 for OpenShift image enhancement and security update Type/Severity Security Advisory: Important Topic A new image is available for Red Hat Single Sign-On 766, running on OpenShift Container Platform 310 and 311, and 43Red Hat Product Security has rated this update as having a security impa ...
Red Hat: Moderate: RHACS 4.3 enhancement and security update
Synopsis Moderate: RHACS 43 enhancement and security update Type/Severity Security Advisory: Moderate Topic Updated images are now available for Red Hat Advanced Cluster Security The updated image includes bug and security fixesRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sc ...
Red Hat: Important: Red Hat OpenShift Pipelines 1.10.6 release and security update
Synopsis Important: Red Hat OpenShift Pipelines 1106 release and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Pipelines 1106 has been releasedRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Red Hat: Moderate: bind security update
Synopsis Moderate: bind security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for bind is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security ...
Red Hat: Important: OpenShift Container Platform 4.13.2 bug fix and security update
Synopsis Important: OpenShift Container Platform 4132 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4132 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
Red Hat: Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Synopsis Important: Red Hat OpenShift Data Foundation 4130 security and bug fix update Type/Severity Security Advisory: Important Topic Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4130 on Red Hat Enterprise Linux 9Red Hat ...
Red Hat:
Description<!---->A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory This issue may cause named to exit due to a lack of free memory, resulting in a denial of service (DoS)A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large ...

References

CWE-416https://kb.isc.org/docs/cve-2022-3094https://ubuntu.com/security/notices/USN-5827-1https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook