7.5
CVSSv3

CVE-2022-38177

Published: 21/09/2022 Updated: 25/09/2022
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

Vulnerability Summary

It exists that Bind incorrectly handled memory when processing certain Diffie-Hellman key exchanges. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2906)

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 9.11.7

isc bind 9.11.3

isc bind 9.11.6

isc bind 9.10.5

isc bind 9.11.5

isc bind 9.9.3

isc bind 9.9.12

isc bind 9.9.13

isc bind 9.10.7

isc bind 9.16.8

isc bind 9.16.11

isc bind 9.16.13

isc bind 9.11.8

isc bind 9.11.12

isc bind 9.11.27

isc bind 9.11.29

isc bind 9.11.21

isc bind 9.16.32

isc bind 9.11.37

isc bind 9.16.21

isc bind 9.11.14-s1

isc bind 9.11.19-s1

isc bind 9.11.35

isc bind

debian debian linux 11.0

Vendor Advisories

Several security issues were fixed in Bind ...
Description<!----> A flaw was found in the Bind package By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program A flaw was found in the Bind package By spoofing the target resolver with responses that have a malformed ECDSA ...
Several vulnerabilities were discovered in BIND, a DNS server implementation CVE-2022-2795 Yehuda Afek, Anat Bremler-Barr and Shani Stajnrod discovered that a flaw in the resolver code can cause named to spend excessive amounts of time on processing large delegations, significantly degrade resolver performance and result in denial ...
Several security issues were fixed in Bind ...