CVE-2022-38178

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Configurations

Configuration 1

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview:*:*
cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.14-s1:*:*:*:preview:*:*:*
cpe:2.3:a:isc:bind:9.11.19-s1:*:*:*:preview:*:*:*
cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

Information

Published : 2022-09-21 11:15

Updated : 2022-12-28 04:15


NVD link : CVE-2022-38178

Mitre link : CVE-2022-38178

Products Affected
No products.
CWE
CWE-347

Improper Verification of Cryptographic Signature