CVE-2022-2906
published 2022-09-21CVE-2022-2906: An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < bind9 1:9.18.7-1 (bookworm) | bind9 1:9.18.7-1 (bookworm) |
| isc | bind | >= 9.18.0 < 9.18.7 | 9.18.7 |
| isc | bind | >= 9.19.0 < 9.19.5 | 9.19.5 |
| isc | bind9 | — | — |
| isc | bind9 | — | — |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.11.3+dfsg-1ubuntu1.18 | 1:9.11.3+dfsg-1ubuntu1.18 |
| isc | bind9 | >= 0 < 1:9.16.1-0ubuntu2.11 | 1:9.16.1-0ubuntu2.11 |
| isc | bind9 | >= 0 < 1:9.18.1-1ubuntu1.2 | 1:9.18.1-1ubuntu1.2 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH