1. Home
  2. Vulnerabilities
  3. CVE-2022-38178

CVE-2022-38178

CVSS v3.1 7.5 (High)
75% Progress
EPSS 0.45 % (75th)
0.45% Progress
Affected Products 4
Advisories 27
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Weaknesses
CWE-401
Missing Release of Memory after Effective Lifetime
CVE Status
PUBLISHED
CNA
Internet Systems Consortium (ISC)
Published Date
2022-09-21 11:15:09
(2 years ago)
Updated Date
2023-11-07 03:50:04
(10 months ago)

Affected Products

Debian

Fedoraproject

Isc

Netapp

Configuration #1

    CPE23 From Up To
  Isc Bind from 9.9.12 version and 9.9.13 and prior versions cpe:2.3:a:isc:bind >= 9.9.12 <= 9.9.13
  Isc Bind from 9.10.7 version and 9.10.8 and prior versions cpe:2.3:a:isc:bind >= 9.10.7 <= 9.10.8
  Isc Bind from 9.11.3 version and 9.16.32 and prior versions cpe:2.3:a:isc:bind >= 9.11.3 <= 9.16.32
  Isc Bind 9.11.3 S1 cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview
  Isc Bind 9.11.3 S4 cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview
  Isc Bind 9.11.5 S3 for Supported Preview cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview
  Isc Bind 9.11.5 S3 cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview
  Isc Bind 9.11.5 S5 cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview
  Isc Bind 9.11.5 S6 cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview
  Isc Bind 9.11.6 S1 cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview
  Isc Bind 9.11.7 S1 cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview
  Isc Bind 9.11.8 S1 cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview
  Isc Bind 9.11.12 S1 cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview
  Isc Bind 9.11.14-s1 cpe:2.3:a:isc:bind:9.11.14-s1:*:*:*:preview
  Isc Bind 9.11.19-s1 cpe:2.3:a:isc:bind:9.11.19-s1:*:*:*:preview
  Isc Bind 9.11.21 S1 cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview
  Isc Bind 9.11.27 S1 cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview
  Isc Bind 9.11.29 S1 cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview
  Isc Bind 9.11.35 S1 cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview
  Isc Bind 9.11.37 S1 cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview
  Isc Bind 9.16.8 S1 cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview
  Isc Bind 9.16.11 S1 cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview
  Isc Bind 9.16.13 S1 cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview
  Isc Bind 9.16.21 S1 cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview
  Isc Bind 9.16.32 S1 cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview

Configuration #2

    CPE23 From Up To
  Debian Linux 11.0 cpe:2.3:o:debian:debian_linux:11.0

Configuration #3

    CPE23 From Up To
  Fedoraproject Fedora 35 cpe:2.3:o:fedoraproject:fedora:35
  Fedoraproject Fedora 36 cpe:2.3:o:fedoraproject:fedora:36
  Fedoraproject Fedora 37 cpe:2.3:o:fedoraproject:fedora:37

Configuration #4

    CPE23 From Up To
  Netapp Active Iq Unified Manager for Vmware Vsphere cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere