CVE-2022-3080

Опубликовано: 21 сент. 2022

Источник: debian

EPSS Низкий

Описание

By sending specific queries to the resolver, an attacker can cause named to crash.

Пакет	Статус	Версия исправления	Релиз	Тип
bind9	fixed	1:9.18.7-1		package
bind9	not-affected		buster	package

https://kb.isc.org/docs/cve-2022-3080
Fixed by: https://gitlab.isc.org/isc-projects/bind9/-/commit/b9e2f3333d0d29deb3ef932aa7aeb28086f153bd (v9_18_7)
Fixed by: https://gitlab.isc.org/isc-projects/bind9/-/commit/3f68e2ad838b3c12a725ccb1082a54b0e8b69562 (v9_16_33)

EPSS

Процентиль: 29%

0.00103

Низкий

CVE-2022-3080

CVSS3: 7.5

ubuntu

около 3 лет назад

By sending specific queries to the resolver, an attacker can cause named to crash.

CVE-2022-3080

CVSS3: 7.5

redhat

около 3 лет назад

By sending specific queries to the resolver, an attacker can cause named to crash.

CVE-2022-3080

CVSS3: 7.5

nvd

около 3 лет назад

By sending specific queries to the resolver, an attacker can cause named to crash.

CVE-2022-3080

CVSS3: 7.5

msrc

около 3 лет назад

BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly

GHSA-7mrh-jrcg-wc76

CVSS3: 7.5

github

около 3 лет назад

By sending specific queries to the resolver, an attacker can cause named to crash.

EPSS

Процентиль: 29%

0.00103

Низкий