CVE-2022-2906
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ISC | BIND9 | Open Source Branch 9.18 9.18.0 through versions before 9.18.7 | affected |
| ISC | BIND9 | Development Branch 9.19 9.19.0 through versions before 9.19.5 | affected |
Weaknesses
- In BIND 9.18.0 -> 9.18.6 and versions 9.19.0 -> 9.19.4 of the BIND 9.19 development branch, changes between OpenSSL 1.x and OpenSSL 3.0 expose a flaw in named that causes a small memory leak in key processing when using TKEY records in Diffie-Hellman mode with OpenSSL 3.0.0 and later versions.
Workarounds
There are no known workarounds. TKEY record processing in GSS-TSIG mode is not affected by this defect. The memory leak impacts authoritative DNS server TKEY record processing only. Client processing (resolver functions) do not trigger this defect.
ADP Enrichment
CVE Program Container
Additional References
- https://kb.isc.org/docs/cve-2022-2906
- http://www.openwall.com/lists/oss-security/2022/09/21/3
- https://security.gentoo.org/glsa/202210-25
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://kb.isc.org/docs/cve-2022-2906
- http://www.openwall.com/lists/oss-security/2022/09/21/3
- https://security.gentoo.org/glsa/202210-25
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.