Red Hat Security Advisory 2022-7643-01

Red Hat Security Advisory 2022-7643-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include denial of service and memory leak vulnerabilities.

Packet Storm

====================================================================
Red Hat Security Advisory

Synopsis: Important: bind9.16 security update
Advisory ID: RHSA-2022:7643-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7643
Issue date: 2022-11-08
CVE Names: CVE-2021-25220 CVE-2022-0396
====================================================================

  1. Summary:

An update for bind9.16 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

  2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

  3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)

  • bind: DoS from specifically crafted TCP packets (CVE-2022-0396)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.7 Release Notes linked from the References section.

  4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

  5. Bugs fixed (https://bugzilla.redhat.com/):

2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability
2064513 - CVE-2022-0396 bind: DoS from specifically crafted TCP packets
2128601 - CVE-2022-38177 bind: memory leak in ECDSA DNSSEC verification code

  6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
bind9.16-9.16.23-0.9.el8.1.src.rpm

aarch64:
bind9.16-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-chroot-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-libs-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-utils-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm

noarch:
bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm

ppc64le:
bind9.16-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-chroot-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-libs-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-utils-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm

s390x:
bind9.16-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-chroot-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-libs-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-utils-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm

x86_64:
bind9.16-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-chroot-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-libs-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-utils-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
bind9.16-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-devel-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-dnssec-utils-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm

noarch:
bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm
python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm

ppc64le:
bind9.16-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-devel-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-dnssec-utils-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm

s390x:
bind9.16-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-devel-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-dnssec-utils-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm

x86_64:
bind9.16-debuginfo-9.16.23-0.9.el8.1.i686.rpm
bind9.16-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.i686.rpm
bind9.16-debugsource-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-devel-9.16.23-0.9.el8.1.i686.rpm
bind9.16-devel-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-dnssec-utils-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.i686.rpm
bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-libs-9.16.23-0.9.el8.1.i686.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.i686.rpm
bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.i686.rpm
bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
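
An added example, not part of the Red Hat advisory: a host audit that compares installed bind9.16 packages against the fixed build in the package list above (9.16.23-0.9.el8.1). It assumes input produced by `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n'`, ignores the package epoch, and uses a simplified version of RPM's segment comparison; the sample lines are constructed.

```python
import re

# Fixed build taken from the advisory's package list: bind9.16-9.16.23-0.9.el8.1
FIXED_VERSION, FIXED_RELEASE = "9.16.23", "0.9.el8.1"

_SEGMENT = re.compile(r"[0-9]+|[a-zA-Z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Simplified RPM version compare: -1, 0 or 1. '~' and '^' are not handled."""
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            # Numeric segments: drop leading zeros, longer number is newer.
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        elif x.isdigit() != y.isdigit():
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def is_fixed(version: str, release: str) -> bool:
    """True if version-release is at or above the advisory's fixed build."""
    cmp = rpmvercmp(version, FIXED_VERSION)
    if cmp == 0:
        cmp = rpmvercmp(release, FIXED_RELEASE)
    return cmp >= 0


def _in_scope(name: str) -> bool:
    # Package names that appear in the advisory's package list.
    return (name == "bind9.16" or name.startswith("bind9.16-")
            or name == "python3-bind9.16")


def audit(rpm_query_output: str) -> dict:
    """Map 'name.arch' -> (version-release, fixed?) for bind9.16 packages."""
    result = {}
    for line in rpm_query_output.splitlines():
        fields = line.split()
        if len(fields) != 4 or not _in_scope(fields[0]):
            continue  # malformed line or a package this advisory does not cover
        name, version, release, arch = fields
        result[f"{name}.{arch}"] = (f"{version}-{release}",
                                    is_fixed(version, release))
    return result


def unpatched(rpm_query_output: str) -> list:
    """Sorted list of bind9.16 packages still below the fixed build."""
    return sorted(pkg for pkg, (_, ok) in audit(rpm_query_output).items()
                  if not ok)


# Constructed sample input (not from a real host); the older releases are
# hypothetical builds used only to exercise the comparison.
SAMPLE = """\
bind9.16 9.16.23 0.9.el8.1 x86_64
bind9.16-libs 9.16.23 0.7.el8 x86_64
bind9.16-utils 9.16.23 0.9.el8 x86_64
bind-libs 9.11.36 5.el8 x86_64
"""

if __name__ == "__main__":
    for pkg, (evr, ok) in audit(SAMPLE).items():
        print(f"{pkg:28} {evr:22} {'fixed' if ok else 'NEEDS UPDATE'}")
```

A partially updated host, where bind9.16 is current but bind9.16-libs is not, is the case this catches; the separate `bind` package stream is out of scope for this advisory and is skipped.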

  7. References:

https://access.redhat.com/security/cve/CVE-2021-25220
https://access.redhat.com/security/cve/CVE-2022-0396
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

  8. Contact:

The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.


Related news

CVE-2023-43074: DSA-2023-141: Dell Unity, Unity VSA and Unity XT Security Update for Multiple Vulnerability

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-0402-01

Red Hat Security Advisory 2023-0402-01 - An update for bind is now available for Red Hat Enterprise Linux 7.

RHSA-2023:0402: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability * CVE-2022-2795: bind: processing large delegations may severely degrade resolver performance

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Red Hat Security Advisory 2022-8750-01

Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-8598-01

Red Hat Security Advisory 2022-8598-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass, code execution, integer overflow, memory leak, and use-after-free v...

RHSA-2022:8609: Red Hat Security Advisory: OpenShift Virtualization 4.9.7 Images security update

Red Hat OpenShift Virtualization release 4.9.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1996: go-restful: Authorization Bypass Through User-Controlled Key

Red Hat Security Advisory 2022-8068-01

Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-8385-01

Red Hat Security Advisory 2022-8385-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

RHSA-2022:8068: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability * CVE-2022-0396: bind: DoS from specifically crafted TCP packets

RHSA-2022:8385: Red Hat Security Advisory: dhcp security and enhancement update

An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability

RHSA-2022:7643: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability * CVE-2022-0396: bind: DoS from specifically crafted TCP packets

RHSA-2022:7790: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability

Red Hat Security Advisory 2022-6905-01

Red Hat Security Advisory 2022-6905-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.50. Issues addressed include a code execution vulnerability.

RHSA-2022:6905: Red Hat Security Advisory: OpenShift Container Platform 4.9.50 bug fix and security update

Red Hat OpenShift Container Platform release 4.9.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go...

Red Hat Security Advisory 2022-6763-01

Red Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2022-6764-01

Red Hat Security Advisory 2022-6764-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

RHSA-2022:6780: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

RHSA-2022:6778: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

RHSA-2022:6779: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

RHSA-2022:6763: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3080: bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

RHSA-2022:6764: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

Ubuntu Security Notice USN-5626-2

Ubuntu Security Notice 5626-2 - USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service.

CVE-2021-25220: CVE-2021-25220: DNS forwarders - cache poisoning vulnerability

BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.

CVE-2022-0396: CVE-2022-0396: DoS from specifically crafted TCP packets - Security Advisories

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
