Published: 21/09/2022 Updated: 25/09/2022
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

Vulnerability Summary

It exists that Bind incorrectly handled memory when processing certain Diffie-Hellman key exchanges. A remote attacker could use this issue to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2906)

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind

isc bind 9.11.7

isc bind 9.11.3

isc bind 9.11.6

isc bind 9.11.5

isc bind 9.11.12

isc bind 9.16.8

isc bind 9.16.11

isc bind 9.16.13

isc bind 9.16.21

isc bind 9.11.8

isc bind 9.11.14-s1

isc bind 9.11.19-s1

isc bind 9.11.21

isc bind 9.11.27

isc bind 9.11.29

isc bind 9.11.35

isc bind 9.16.32

isc bind 9.11.37

debian debian linux 11.0

Vendor Advisories

Description<!----> A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program ...
Several vulnerabilities were discovered in BIND, a DNS server implementation CVE-2022-2795 Yehuda Afek, Anat Bremler-Barr and Shani Stajnrod discovered that a flaw in the resolver code can cause named to spend excessive amounts of time on processing large delegations, significantly degrade resolver performance and result in denial ...
Several security issues were fixed in Bind ...