CVE-2022-2795

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
References
Link Resource
http://www.openwall.com/lists/oss-security/2022/09/21/3 Mailing List Patch Third Party Advisory
https://kb.isc.org/docs/cve-2022-2795 Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/
https://security.gentoo.org/glsa/202210-25 Third Party Advisory
https://www.debian.org/security/2022/dsa-5235 Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/09/21/3 Mailing List Patch Third Party Advisory
https://kb.isc.org/docs/cve-2022-2795 Patch Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/
https://security.gentoo.org/glsa/202210-25 Third Party Advisory
https://security.netapp.com/advisory/ntap-20241129-0002/
https://www.debian.org/security/2022/dsa-5235 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:supported_preview:*:*
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.14-s1:*:*:*:preview:*:*:*
cpe:2.3:a:isc:bind:9.11.19-s1:*:*:*:preview:*:*:*
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

History

29 Nov 2024, 12:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20241129-0002/ -

21 Nov 2024, 07:01

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2022/09/21/3 - Mailing List, Patch, Third Party Advisory () http://www.openwall.com/lists/oss-security/2022/09/21/3 - Mailing List, Patch, Third Party Advisory
References () https://kb.isc.org/docs/cve-2022-2795 - Patch, Vendor Advisory () https://kb.isc.org/docs/cve-2022-2795 - Patch, Vendor Advisory
References () https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/ -
References () https://security.gentoo.org/glsa/202210-25 - Third Party Advisory () https://security.gentoo.org/glsa/202210-25 - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5235 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5235 - Third Party Advisory

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-400 NVD-CWE-noinfo

16 May 2023, 11:01

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 5.3

03 Nov 2022, 20:44

Type Values Removed Values Added
New CVE

Information

Published : 2022-09-21 11:15

Updated : 2024-11-29 12:15


NVD link : CVE-2022-2795

Mitre link : CVE-2022-2795

CVE.ORG link : CVE-2022-2795


JSON object : View

Products Affected

debian

  • debian_linux

fedoraproject

  • fedora

isc

  • bind