Описание
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program.
Отчет
This flaw affects versions 9.8.4 -> 9.16.32 of the Bind package, therefore Red Hat Enterprise Linux 6 is not affected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | bind | Not affected | ||
| Red Hat Enterprise Linux 9 | dhcp | Not affected | ||
| Red Hat Enterprise Linux 7 | bind | Fixed | RHSA-2022:6765 | 03.10.2022 |
| Red Hat Enterprise Linux 8 | bind | Fixed | RHSA-2022:6778 | 04.10.2022 |
| Red Hat Enterprise Linux 8 | bind9.16 | Fixed | RHSA-2022:6781 | 04.10.2022 |
| Red Hat Enterprise Linux 8 | bind | Fixed | RHSA-2022:6778 | 04.10.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | bind | Fixed | RHSA-2022:6764 | 03.10.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | bind | Fixed | RHSA-2022:6780 | 04.10.2022 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | bind | Fixed | RHSA-2022:6779 | 04.10.2022 |
| Red Hat Enterprise Linux 9 | bind | Fixed | RHSA-2022:6763 | 03.10.2022 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
By spoofing the target resolver with responses that have a malformed E ...
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
7.5 High
CVSS3