CVE-2022-3080
published 2022-09-21CVE-2022-3080: By sending specific queries to the resolver, an attacker can cause named to crash.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
By sending specific queries to the resolver, an attacker can cause named to crash.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < bind9 1:9.18.7-1 (bookworm) | bind9 1:9.18.7-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | >= 9.16.14 < 9.16.33 | 9.16.33 |
| isc | bind | >= 9.18.0 < 9.18.7 | 9.18.7 |
| isc | bind | >= 9.19.0 < 9.19.5 | 9.19.5 |
| isc | bind9 | — | — |
| isc | bind9 | — | — |
| isc | bind9 | — | — |
| isc | bind9 | — | — |
| isc | bind9 | >= 0 < 1:9.16.33-1~deb11u1 | 1:9.16.33-1~deb11u1 |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.18.7-1 | 1:9.18.7-1 |
| isc | bind9 | >= 0 < 1:9.11.3+dfsg-1ubuntu1.18 | 1:9.11.3+dfsg-1ubuntu1.18 |
| isc | bind9 | >= 0 < 1:9.16.1-0ubuntu2.11 | 1:9.16.1-0ubuntu2.11 |
| isc | bind9 | >= 0 < 1:9.18.1-1ubuntu1.2 | 1:9.18.1-1ubuntu1.2 |
| msrc | cbl2_bind_9.16.33-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_bind_9.16.33-1_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH