rpm package
almalinux/bind
pkg:rpm/almalinux/bind
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-38178 | — | < 32:9.16.23-1.el9_0.1 | 32:9.16.23-1.el9_0.1 | Sep 21, 2022 | By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | ||
| CVE-2022-38177 | — | < 32:9.16.23-1.el9_0.1 | 32:9.16.23-1.el9_0.1 | Sep 21, 2022 | By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. | ||
| CVE-2022-2795 | — | < 32:9.16.23-11.el9 | 32:9.16.23-11.el9 | Sep 21, 2022 | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | ||
| CVE-2021-25220 | — | < 32:9.11.36-5.el8 | 32:9.11.36-5.el8 | Mar 23, 2022 | BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have | ||
| CVE-2022-0396 | — | < 32:9.16.23-5.el9_1 | 32:9.16.23-5.el9_1 | Mar 23, 2022 | BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has termina | ||
| CVE-2021-25219 | — | < 32:9.11.36-3.el8 | 32:9.11.36-3.el8 | Oct 27, 2021 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a | ||
| CVE-2021-25214 | — | < 32:9.11.26-6.el8 | 32:9.11.26-6.el8 | Apr 29, 2021 | In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of n |
- CVE-2022-38178Sep 21, 2022affected < 32:9.16.23-1.el9_0.1fixed 32:9.16.23-1.el9_0.1
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
- CVE-2022-38177Sep 21, 2022affected < 32:9.16.23-1.el9_0.1fixed 32:9.16.23-1.el9_0.1
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
- CVE-2022-2795Sep 21, 2022affected < 32:9.16.23-11.el9fixed 32:9.16.23-11.el9
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
- CVE-2021-25220Mar 23, 2022affected < 32:9.11.36-5.el8fixed 32:9.11.36-5.el8
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have
- CVE-2022-0396Mar 23, 2022affected < 32:9.16.23-5.el9_1fixed 32:9.16.23-5.el9_1
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has termina
- CVE-2021-25219Oct 27, 2021affected < 32:9.11.36-3.el8fixed 32:9.11.36-3.el8
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a
- CVE-2021-25214Apr 29, 2021affected < 32:9.11.26-6.el8fixed 32:9.11.26-6.el8
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of n
Page 2 of 2