vulnerability

ISC BIND: BIND Supported Preview Edition named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries (CVE-2022-3488)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Jan 26, 2023	Mar 7, 2023	Jan 30, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Jan 26, 2023

Added

Mar 7, 2023

Modified

Jan 30, 2025

Description

Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure.

'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name.
This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1.

Solution

upgrade-isc-bind-latest

References

CVE-2022-3488
https://attackerkb.com/topics/CVE-2022-3488
URL-https://kb.isc.org/v1/docs/cve-2022-3488

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today