CVE-2022-3736
26.01.2023, 21:15
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 9.16.12 ≤ 𝑥 < 9.16.37 |
| isc | bind | 9.18.0 ≤ 𝑥 < 9.18.11 |
| isc | bind | 9.19.0 ≤ 𝑥 < 9.19.9 |
| isc | bind | 9.16.11:s1 |
| isc | bind | 9.16.13:s1 |
| isc | bind | 9.16.14:s1 |
| isc | bind | 9.16.21:s1 |
| isc | bind | 9.16.32:s1 |
| isc | bind | 9.16.36:s1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bind9 |
| ||||||||||||||
| isc-dhcp |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bind |
| ||||||||||||
| bind-doc |
| ||||||||||||
| bind-utils |
| ||||||||||||
| python3-bind |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| bind |
| ||
| bind-chroot |
| ||
| bind-devel |
| ||
| bind-dnssec-doc |
| ||
| bind-dnssec-utils |
| ||
| bind-doc |
| ||
| bind-libs |
| ||
| bind-license |
| ||
| bind-utils |
| ||
| bind9.16 |
| ||
| bind9.16-chroot |
| ||
| bind9.16-devel |
| ||
| bind9.16-dnssec-utils |
| ||
| bind9.16-doc |
| ||
| bind9.16-libs |
| ||
| bind9.16-license |
| ||
| bind9.16-utils |
| ||
| python3-bind |
| ||
| python3-bind9.16 |
|
Common Weakness Enumeration