RHSA-2022:7643: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-0396: bind: DoS from specifically crafted TCP packets

Synopsis

Important: bind9.16 security update

Type/Severity

Security Advisory: Important

Topic

An update for bind9.16 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)
  • bind: DoS from specifically crafted TCP packets (CVE-2022-0396)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability
  • BZ - 2064513 - CVE-2022-0396 bind: DoS from specifically crafted TCP packets
  • BZ - 2128601 - CVE-2022-38177 bind: memory leak in ECDSA DNSSEC verification code

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

  • bind9.16-9.16.23-0.9.el8.1.src.rpm

x86_64

  • bind9.16-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-chroot-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-libs-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-utils-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

  • bind9.16-9.16.23-0.9.el8.1.src.rpm

s390x

  • bind9.16-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-chroot-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-libs-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-utils-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm

Red Hat Enterprise Linux for Power, little endian 8

SRPM

  • bind9.16-9.16.23-0.9.el8.1.src.rpm

ppc64le

  • bind9.16-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-chroot-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-libs-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-utils-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm

Red Hat Enterprise Linux for ARM 64 8

SRPM

  • bind9.16-9.16.23-0.9.el8.1.src.rpm

aarch64

  • bind9.16-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-chroot-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-libs-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-utils-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm

Red Hat CodeReady Linux Builder for x86_64 8

x86_64

  • bind9.16-debuginfo-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-devel-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-devel-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-dnssec-utils-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-libs-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.i686.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.x86_64.rpm
  • python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm

Red Hat CodeReady Linux Builder for Power, little endian 8

ppc64le

  • bind9.16-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-devel-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-dnssec-utils-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.ppc64le.rpm
  • python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm

Red Hat CodeReady Linux Builder for ARM 64 8

aarch64

  • bind9.16-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-devel-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-dnssec-utils-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.aarch64.rpm
  • python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm

Red Hat CodeReady Linux Builder for IBM z Systems 8

s390x

  • bind9.16-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-debugsource-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-devel-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-dnssec-utils-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-dnssec-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-doc-9.16.23-0.9.el8.1.noarch.rpm
  • bind9.16-libs-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • bind9.16-utils-debuginfo-9.16.23-0.9.el8.1.s390x.rpm
  • python3-bind9.16-9.16.23-0.9.el8.1.noarch.rpm

Related news

CVE-2023-43074: DSA-2023-141: Dell Unity, Unity VSA and Unity XT Security Update for Multiple Vulnerability

Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-0402-01

Red Hat Security Advisory 2023-0402-01 - An update for bind is now available for Red Hat Enterprise Linux 7.

RHSA-2023:0402: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-2795: bind: processing large delegations may severely degrade resolver performance

RHSA-2022:8750: Red Hat Security Advisory: OpenShift Virtualization 4.11.1 security and bug fix update

Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS
  • CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode
  • CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression
  • CVE-2022-28327: golang: crypto/elliptic: panic caus...

RHSA-2022:8609: Red Hat Security Advisory: OpenShift Virtualization 4.9.7 Images security update

Red Hat OpenShift Virtualization release 4.9.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-1996: go-restful: Authorization Bypass Through User-Controlled Key

Red Hat Security Advisory 2022-8068-01

Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-8385-01

Red Hat Security Advisory 2022-8385-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.

RHSA-2022:8068: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability
  • CVE-2022-0396: bind: DoS from specifically crafted TCP packets

RHSA-2022:8385: Red Hat Security Advisory: dhcp security and enhancement update

An update for dhcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability

Red Hat Security Advisory 2022-7643-01

Red Hat Security Advisory 2022-7643-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include denial of service and memory leak vulnerabilities.

RHSA-2022:7790: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-25220: bind: DNS forwarders - cache poisoning vulnerability

Red Hat Security Advisory 2022-6780-01

Red Hat Security Advisory 2022-6780-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2022-6779-01

Red Hat Security Advisory 2022-6779-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2022-6778-01

Red Hat Security Advisory 2022-6778-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2022-6781-01

Red Hat Security Advisory 2022-6781-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2022-6765-01

Red Hat Security Advisory 2022-6765-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

RHSA-2022:6781: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-3080: bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly
  • CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code
  • CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

RHSA-2022:6765: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code
  • CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code

Ubuntu Security Notice USN-5626-2

Ubuntu Security Notice 5626-2 - USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service.

Ubuntu Security Notice USN-5626-1

Ubuntu Security Notice 5626-1 - Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS.

CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

CVE-2021-25220: DNS forwarders - cache poisoning vulnerability

BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.

The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.

CVE-2022-0396: DoS from specifically crafted TCP packets

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.