vulnerability

CentOS Linux: CVE-2022-38178: Important: bind security update (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 21, 2022
Added
Oct 20, 2022
Modified
Jan 28, 2025

Description

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Solutions

centos-upgrade-bindcentos-upgrade-bind-chrootcentos-upgrade-bind-debuginfocentos-upgrade-bind-debugsourcecentos-upgrade-bind-develcentos-upgrade-bind-dnssec-doccentos-upgrade-bind-dnssec-utilscentos-upgrade-bind-dnssec-utils-debuginfocentos-upgrade-bind-export-develcentos-upgrade-bind-export-libscentos-upgrade-bind-export-libs-debuginfocentos-upgrade-bind-libscentos-upgrade-bind-libs-debuginfocentos-upgrade-bind-libs-litecentos-upgrade-bind-libs-lite-debuginfocentos-upgrade-bind-licensecentos-upgrade-bind-lite-develcentos-upgrade-bind-pkcs11centos-upgrade-bind-pkcs11-debuginfocentos-upgrade-bind-pkcs11-develcentos-upgrade-bind-pkcs11-libscentos-upgrade-bind-pkcs11-libs-debuginfocentos-upgrade-bind-pkcs11-utilscentos-upgrade-bind-pkcs11-utils-debuginfocentos-upgrade-bind-sdbcentos-upgrade-bind-sdb-chrootcentos-upgrade-bind-sdb-debuginfocentos-upgrade-bind-utilscentos-upgrade-bind-utils-debuginfocentos-upgrade-bind9-16centos-upgrade-bind9-16-chrootcentos-upgrade-bind9-16-debuginfocentos-upgrade-bind9-16-debugsourcecentos-upgrade-bind9-16-dnssec-utils-debuginfocentos-upgrade-bind9-16-libscentos-upgrade-bind9-16-libs-debuginfocentos-upgrade-bind9-16-licensecentos-upgrade-bind9-16-utilscentos-upgrade-bind9-16-utils-debuginfocentos-upgrade-python3-bind

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today