CVE-2022-40188
Published 2022-09-23
Priority: P4 · 34 · high · 7.5 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 1.45% (70.2th percentile)
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cz.nic | knot-resolver | >= 0 < 5.5.3-1 | 5.5.3-1 |
| cz.nic | knot-resolver | >= 0 < 5.5.3-1 | 5.5.3-1 |
| cz.nic | knot-resolver | >= 0 < 5.5.3-1 | 5.5.3-1 |
| debian | debian_linux | — | — |
| debian | knot-resolver | < knot-resolver 5.5.3-1 (bookworm) | knot-resolver 5.5.3-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| nic | knot_resolver | < 5.5.3 | 5.5.3 |
CVSS provenance
nvd: v3.1, 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv: 7.5 HIGH
vendor_debian: 7.5 HIGH
Ubuntu
Knot Resolver vulnerability
vendor_ubuntu·2023-07-13
CVE-2022-40188 Knot Resolver vulnerability
Title: Knot Resolver vulnerability
Summary: Knot Resolver could be made to crash if it received specially crafted
network traffic.
It was discovered that Knot Resolver did not correctly handle certain
client options. A remote attacker could send requests to malicious domains
and cause a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2022-40188: knot-resolver - Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service ...
vendor_debian·2022·CVSS 7.5
CVE-2022-40188 [HIGH] CVE-2022-40188: knot-resolver - Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service ...
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
Scope: local
bookworm: resolved (fixed in 5.5.3-1)
bullseye: open
forky: resolved (fixed in 5.5.3-1)
sid: resolved (fixed in 5.5.3-1)
trixie: resolved (fixed in 5.5.3-1)
GHSA
GHSA-qj7c-f3xj-jxpv: Knot Resolver before 5
ghsa_unreviewed·2022-09-25
CVE-2022-40188 [HIGH] CWE-400 GHSA-qj7c-f3xj-jxpv: Knot Resolver before 5
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
OSV
CVE-2022-40188: Knot Resolver before 5
osv·2022-09-23·CVSS 7.5
CVE-2022-40188 [HIGH] CVE-2022-40188: Knot Resolver before 5
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1343#note_262558
https://lists.debian.org/debian-lts-announce/2022/10/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG/