vulnerability
CentOS Linux: CVE-2022-3736: Moderate: bind security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jan 26, 2023 | May 15, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jan 26, 2023
Added
May 15, 2023
Modified
Jan 28, 2025
Description
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query.
This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.
Solution(s)
centos-upgrade-bindcentos-upgrade-bind-chrootcentos-upgrade-bind-debuginfocentos-upgrade-bind-debugsourcecentos-upgrade-bind-dnssec-doccentos-upgrade-bind-dnssec-utilscentos-upgrade-bind-dnssec-utils-debuginfocentos-upgrade-bind-libscentos-upgrade-bind-libs-debuginfocentos-upgrade-bind-licensecentos-upgrade-bind-utilscentos-upgrade-bind-utils-debuginfocentos-upgrade-bind9-16centos-upgrade-bind9-16-chrootcentos-upgrade-bind9-16-debuginfocentos-upgrade-bind9-16-debugsourcecentos-upgrade-bind9-16-dnssec-utilscentos-upgrade-bind9-16-dnssec-utils-debuginfocentos-upgrade-bind9-16-libscentos-upgrade-bind9-16-libs-debuginfocentos-upgrade-bind9-16-licensecentos-upgrade-bind9-16-utilscentos-upgrade-bind9-16-utils-debuginfocentos-upgrade-python3-bindcentos-upgrade-python3-bind9-16
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.