ALT-PU-2022-7009-1
Package bind updated to version 9.16.34-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2022-06120
Уязвимость реализации технологии DNSSEC сервера DNS BIND, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
BDU:2022-06121
Уязвимость реализации технологии DNSSEC сервера DNS BIND, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании»
BDU:2022-06124
Уязвимость сервера DNS BIND, связанная с неправильным управлением внутренними ресурсами, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» (DoS)
Modified: 2024-11-29
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- https://kb.isc.org/docs/cve-2022-2795
- https://kb.isc.org/docs/cve-2022-2795
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- FEDORA-2022-ef038365de
- FEDORA-2022-ef038365de
- FEDORA-2022-8268735e06
- FEDORA-2022-8268735e06
- FEDORA-2022-b197d64471
- FEDORA-2022-b197d64471
- GLSA-202210-25
- GLSA-202210-25
- https://security.netapp.com/advisory/ntap-20241129-0002/
- DSA-5235
- DSA-5235
Modified: 2024-11-21
CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- https://kb.isc.org/docs/cve-2022-38177
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- FEDORA-2022-ef038365de
- FEDORA-2022-8268735e06
- FEDORA-2022-b197d64471
- GLSA-202210-25
- https://security.netapp.com/advisory/ntap-20221228-0010/
- DSA-5235
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- DSA-5235
- https://security.netapp.com/advisory/ntap-20221228-0010/
- GLSA-202210-25
- FEDORA-2022-b197d64471
- FEDORA-2022-8268735e06
- FEDORA-2022-ef038365de
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- https://kb.isc.org/docs/cve-2022-38177
Modified: 2024-11-21
CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- https://kb.isc.org/docs/cve-2022-38178
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- FEDORA-2022-ef038365de
- FEDORA-2022-8268735e06
- FEDORA-2022-b197d64471
- GLSA-202210-25
- https://security.netapp.com/advisory/ntap-20221228-0009/
- DSA-5235
- [oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- DSA-5235
- https://security.netapp.com/advisory/ntap-20221228-0009/
- GLSA-202210-25
- FEDORA-2022-b197d64471
- FEDORA-2022-8268735e06
- FEDORA-2022-ef038365de
- [debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update
- https://kb.isc.org/docs/cve-2022-38178