Description
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Affected products
- ISC / BINDOpen Source Branch 9.16 9.16.11 through versions before 9.16.27 – Open Source Branch 9.16 9.16.11 through versions before 9.16.27
- ISC / BINDDevelopment Branch 9.17 BIND 9.17 all versions – Development Branch 9.17 BIND 9.17 all versions
- ISC / BINDOpen Source Branch 9.18 9.18.0 – Open Source Branch 9.18 9.18.0
- ISC / BINDSupported Preview Branch 9.16-S 9.16.11-S through versions before 9.16.27-S – Supported Preview Branch 9.16-S 9.16.11-S through versions before 9.16.27-S
References
- MISChttps://kb.isc.org/v1/docs/cve-2022-0396
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/
- MISChttps://security.netapp.com/advisory/ntap-20220408-0001/
- MISChttps://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
- MISChttps://security.gentoo.org/glsa/202210-25