CVE-2022-2795 – Processing large delegations may severely degrade resolver performance
https://notcve.org/view.php?id=CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. Al inundar el resolvedor de destino con consultas que explotan este fallo, un atacante puede perjudicar significativamente el rendimiento del resolvedor, negando efectivamente a los clientes legítimos el acceso al servicio de resolución DNS A flaw was found in bind. When flooding the target resolver with special queries, an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. • http://www.openwall.com/lists/oss-security/2022/09/21/3 https://kb.isc.org/docs/cve-2022-2795 https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5S • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-0396 – DoS from specifically crafted TCP packets
https://notcve.org/view.php?id=CVE-2022-0396
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. BIND versiones 9.16.11 posteriores a 9.16.26, versiones 9.17.0 posteriores a 9.18.0 y versiones 9.16.11-S1 posteriores a 9.16.26-S1 de BIND Supported Preview Edition. Los flujos TCP específicamente diseñados pueden causar que las conexiones a BIND permanezcan en estado CLOSE_WAIT durante un período de tiempo indefinido, incluso después de que el cliente haya terminado la conexión A flaw was found in Bind that incorrectly handles certain crafted TCP streams. The vulnerability allows TCP connection slots to be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://kb.isc.org/v1/docs/cve-2022-0396 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY https://security.gentoo.org/glsa/202210-25 https://security.netapp.com/advisory/ntap-20220408-0001 https://access.redhat.com/security/cve/CVE-2022-0396 https://bugzilla.redhat.com/show_bug.cgi?id=2064513 • CWE-404: Improper Resource Shutdown or Release CWE-459: Incomplete Cleanup •
CVE-2021-25220 – DNS forwarders - cache poisoning vulnerability
https://notcve.org/view.php?id=CVE-2021-25220
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. BIND versiones 9.11.0 posteriores a 9.11.36, versiones 9.12.0 posteriores a 9.16.26, versiones 9.17.0 posteriores a 9.18.0, Ediciones Preliminares Soportadas con BIND: versiones .11.4-S1 posteriores a 9.11.36-S1, versiones 9.16.8-S1 posteriores a 9.16.26-S1, también creemos que las versiones de BIND 9 anteriores a las mostradas - hasta la versión 9.1.0, incluyendo las ediciones preliminares soportadas - también están afectadas pero no han sido probadas ya que son EOL. La caché podría envenenarse con registros incorrectos, conllevando a una realización de consultas a servidores erróneos, lo que también podría resultar en que se devolviera información falsa a clientes A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://kb.isc.org/v1/docs/cve-2021-25220 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SXT7247QTKNBQ67MNRGZD23ADXU6E5U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VX3I2U3ICOIEI5Y7OYA6CHOLFMNH3YQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV https://lists.fedoraproject.org/archives/list/package-announc • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2021-25219 – Lame cache can be abused to severely degrade resolver performance
https://notcve.org/view.php?id=CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. En BIND versiones 9.3.0 posteriores a 9.11.35, versiones 9.12.0 posteriores a 9.16.21, y en versiones 9.9.3-S1 posteriores a 9.11.35-S1 y versiones 9.16.8-S1 posteriores a 9.16.21-S1 de BIND Supported Preview Edition, así como en las versiones 9.17.0 -> 9.17.18 de la rama de desarrollo de BIND 9.17, una explotación de servidores autoritativos rotos usando un fallo en el procesamiento de respuestas puede causar una degradación en el rendimiento del resolver BIND. La forma en que está diseñada actualmente la caché de lame hace posible que sus estructuras de datos internas crezcan casi infinitamente, lo que puede causar retrasos significativos en el procesamiento de las consultas de los clientes A flaw was found in the way bind processes broken responses from authoritative servers. This caching mechanism could be abused by an attacker to significantly degrade resolver performance. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25219 https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTKC4E3HUOLYN5 • CWE-20: Improper Input Validation •
CVE-2021-25218 – A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use
https://notcve.org/view.php?id=CVE-2021-25218
In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition. En BIND versiones 9.16.19, 9.17.16. Además, la versión 9.16.19-S1 de BIND Supported Preview Edition. • http://www.openwall.com/lists/oss-security/2021/08/18/3 http://www.openwall.com/lists/oss-security/2021/08/20/2 https://kb.isc.org/v1/docs/cve-2021-25218 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPJCLGSR4BTGFLBLGIE5TEQP2SNJKGVL https://security.netapp.com/advisory/ntap-20210909-0002 • CWE-617: Reachable Assertion •