Details of VAR-202203-0665

ID

VAR-202203-0665

CVE

CVE-2022-0396

TITLE

BIND connection indefinitely CLOSE_WAIT Vulnerabilities that remain in status

Trust: 0.8

sources: JVNDB: JVNDB-2022-001799

DESCRIPTION

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. BIND , even after the client closes the connection. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote malicious user to manipulate cache results with incorrect records, leading to queries made to the wrong servers, possibly resulting in false information received on the client's end. This issue results in BIND consuming resources, leading to a denial of service. (CVE-2022-0396). ========================================================================== Ubuntu Security Notice USN-5332-1 March 17, 2022 bind9 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Bind. Software Description: - bind9: Internet Domain Name Server Details: Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. This issue only affected Ubuntu 21.10. (CVE-2022-0396) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: bind9 1:9.16.15-1ubuntu1.2 Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.10 Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.17 In general, a standard system update will make all the necessary changes. For the oldstable distribution (buster), this problem has been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u7. For the stable distribution (bullseye), this problem has been fixed in version 1:9.16.27-1~deb11u1. We recommend that you upgrade your bind9 packages. For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmI010UACgkQEMKTtsN8 Tjbp3xAAil38qfAIdNkaIxY2bauvTyZDWzr6KUjph0vzmLEoAFQ3bysVSGlCnZk9 IgdyfPRWQ+Bjau1/dlhNYaTlnQajbeyvCXfJcjRRgtUDCp7abZcOcb1WDu8jWLGW iRtKsvKKrTKkIou5LgDlyqZyf6OzjgRdwtm86GDPQiCaSEpmbRt+APj5tkIA9R1G ELWuZsjbIraBU0TsNfOalgNpAWtSBayxKtWB69J8rxUV69JI194A4AJ0wm9SPpFV G/TzlyHp1dUZJRLNmZOZU/dq4pPsXzh9I4QCg1kJWsVHe2ycAJKho6hr5iy43fNl MuokfI9YnU6/9SjHrQAWp1X/6MYCR8NieJ933W89/Zb8eTjTZC8EQGo6fkA287G8 glQOrJHMQyV+b97lT67+ioTHNzTEBXTih7ZDeC1TlLqypCNYhRF/ll0Hx/oeiJFU rbjh2Og9huhD5JH8z8YAvY2g81e7KdPxazuKJnQpxGutqddCuwBvyI9fovYrah9W bYD6rskLZM2x90RI2LszHisl6FV5k37PaczamlRqGgbbMb9YlnDFjJUbM8rZZgD4 +8u/AkHq2+11pTtZ40NYt1gpdidmIC/gzzha2TfZCHMs44KPMMdH+Fid1Kc6/Cq8 QygtL4M387J9HXUrlN7NDUOrDVuVqfBG+ve3i9GCZzYjwtajTAQ= =6st2 -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202210-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: ISC BIND: Multiple Vulnerabilities Date: October 31, 2022 Bugs: #820563, #835439, #872206 ID: 202210-25 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/bind < 9.16.33 >= 9.16.33 2 net-dns/bind-tools < 9.16.33 >= 9.16.33 Description =========== Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All ISC BIND users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.16.33" All ISC BIND-tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-tools-9.16.33" References ========== [ 1 ] CVE-2021-25219 https://nvd.nist.gov/vuln/detail/CVE-2021-25219 [ 2 ] CVE-2021-25220 https://nvd.nist.gov/vuln/detail/CVE-2021-25220 [ 3 ] CVE-2022-0396 https://nvd.nist.gov/vuln/detail/CVE-2022-0396 [ 4 ] CVE-2022-2795 https://nvd.nist.gov/vuln/detail/CVE-2022-2795 [ 5 ] CVE-2022-2881 https://nvd.nist.gov/vuln/detail/CVE-2022-2881 [ 6 ] CVE-2022-2906 https://nvd.nist.gov/vuln/detail/CVE-2022-2906 [ 7 ] CVE-2022-3080 https://nvd.nist.gov/vuln/detail/CVE-2022-3080 [ 8 ] CVE-2022-38177 https://nvd.nist.gov/vuln/detail/CVE-2022-38177 [ 9 ] CVE-2022-38178 https://nvd.nist.gov/vuln/detail/CVE-2022-38178 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202210-25 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2022:8068-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:8068 Issue date: 2022-11-15 CVE Names: CVE-2021-25220 CVE-2022-0396 ==================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: DoS from specifically crafted TCP packets (CVE-2022-0396) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability 2064513 - CVE-2022-0396 bind: DoS from specifically crafted TCP packets 2104863 - bind-doc is not shipped to public 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: bind-9.16.23-5.el9_1.src.rpm aarch64: bind-9.16.23-5.el9_1.aarch64.rpm bind-chroot-9.16.23-5.el9_1.aarch64.rpm bind-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-debugsource-9.16.23-5.el9_1.aarch64.rpm bind-dnssec-utils-9.16.23-5.el9_1.aarch64.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-libs-9.16.23-5.el9_1.aarch64.rpm bind-libs-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-utils-9.16.23-5.el9_1.aarch64.rpm bind-utils-debuginfo-9.16.23-5.el9_1.aarch64.rpm noarch: bind-dnssec-doc-9.16.23-5.el9_1.noarch.rpm bind-license-9.16.23-5.el9_1.noarch.rpm python3-bind-9.16.23-5.el9_1.noarch.rpm ppc64le: bind-9.16.23-5.el9_1.ppc64le.rpm bind-chroot-9.16.23-5.el9_1.ppc64le.rpm bind-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-debugsource-9.16.23-5.el9_1.ppc64le.rpm bind-dnssec-utils-9.16.23-5.el9_1.ppc64le.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-libs-9.16.23-5.el9_1.ppc64le.rpm bind-libs-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-utils-9.16.23-5.el9_1.ppc64le.rpm bind-utils-debuginfo-9.16.23-5.el9_1.ppc64le.rpm s390x: bind-9.16.23-5.el9_1.s390x.rpm bind-chroot-9.16.23-5.el9_1.s390x.rpm bind-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-debugsource-9.16.23-5.el9_1.s390x.rpm bind-dnssec-utils-9.16.23-5.el9_1.s390x.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-libs-9.16.23-5.el9_1.s390x.rpm bind-libs-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-utils-9.16.23-5.el9_1.s390x.rpm bind-utils-debuginfo-9.16.23-5.el9_1.s390x.rpm x86_64: bind-9.16.23-5.el9_1.x86_64.rpm bind-chroot-9.16.23-5.el9_1.x86_64.rpm bind-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-debugsource-9.16.23-5.el9_1.x86_64.rpm bind-dnssec-utils-9.16.23-5.el9_1.x86_64.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-libs-9.16.23-5.el9_1.x86_64.rpm bind-libs-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-utils-9.16.23-5.el9_1.x86_64.rpm bind-utils-debuginfo-9.16.23-5.el9_1.x86_64.rpm Red Hat CodeReady Linux Builder (v. 9): aarch64: bind-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-debugsource-9.16.23-5.el9_1.aarch64.rpm bind-devel-9.16.23-5.el9_1.aarch64.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-libs-debuginfo-9.16.23-5.el9_1.aarch64.rpm bind-utils-debuginfo-9.16.23-5.el9_1.aarch64.rpm noarch: bind-doc-9.16.23-5.el9_1.noarch.rpm ppc64le: bind-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-debugsource-9.16.23-5.el9_1.ppc64le.rpm bind-devel-9.16.23-5.el9_1.ppc64le.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-libs-debuginfo-9.16.23-5.el9_1.ppc64le.rpm bind-utils-debuginfo-9.16.23-5.el9_1.ppc64le.rpm s390x: bind-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-debugsource-9.16.23-5.el9_1.s390x.rpm bind-devel-9.16.23-5.el9_1.s390x.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-libs-debuginfo-9.16.23-5.el9_1.s390x.rpm bind-utils-debuginfo-9.16.23-5.el9_1.s390x.rpm x86_64: bind-debuginfo-9.16.23-5.el9_1.i686.rpm bind-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-debugsource-9.16.23-5.el9_1.i686.rpm bind-debugsource-9.16.23-5.el9_1.x86_64.rpm bind-devel-9.16.23-5.el9_1.i686.rpm bind-devel-9.16.23-5.el9_1.x86_64.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.i686.rpm bind-dnssec-utils-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-libs-9.16.23-5.el9_1.i686.rpm bind-libs-debuginfo-9.16.23-5.el9_1.i686.rpm bind-libs-debuginfo-9.16.23-5.el9_1.x86_64.rpm bind-utils-debuginfo-9.16.23-5.el9_1.i686.rpm bind-utils-debuginfo-9.16.23-5.el9_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-25220 https://access.redhat.com/security/cve/CVE-2022-0396 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY3PhLdzjgjWX9erEAQhVSw/9HlIwMZZuRgTsbY2yARvJ+sRk08hViRo6 ++sV0vMtt3ym5eQES1al4uwAFbVH3B+EZLVuox02PnKVvIM35QnzVFxSa24HToTp l3tl+c9QnDwx3VGceX9og5o/ezSKqT8UeMQF/gamcB5kwGbbeb+Gp7cpSyXsmjB1 h418DMq/BBE1kLx2MAmIAn/r8x8ISsRbk3j96VEtLrQDtbSKCrE7jmQMaGRB4NhK 4pcgEdcVC6mpBIBRSoLqSVvY9cEdbWqB2LBKArSic/GS2RFfXiSTbPP+kHhd8WHF 0pHQpQa2CXqWuoyrk4cmlvyqmp+C1oCuwsjUWm3dIouIpLU3P1PH3Xua+DMcHfNl z3wW5E8hihVQ7taw/c6jKMlIrPVzdNM7zfdqV4PBoMQ6y6nPDP23wNGIBMIArjO/ n841K1Lzp1vrChLKgtYOK4H/s6Fbtb/+fe6Q5wOVPPEeksfoKzjJjZj/J7J+RymH Bd6n+f9iMQzOkj9zb6cgrvt2aLcr29XHfcCRH81i/CEPAEFGT86qOXqIZO0+qV/u qhHDKy3rLqYsOR4BlwhFhovUGCt8rBJ8LOiZlUTxzNG4PNze4F1hG1d0qzYQv0Iw zfOrgT8NGDmGCt2nwtmy813NDmzVegwrS7w0ayLzpcwcJMVOoO0nKi5kzX1slEyu rbPwX0ROLTo=0klO -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.16

sources: NVD: CVE-2022-0396 // JVNDB: JVNDB-2022-001799 // VULMON: CVE-2022-0396 // PACKETSTORM: 166354 // PACKETSTORM: 169261 // PACKETSTORM: 169773 // PACKETSTORM: 169587 // PACKETSTORM: 169894

AFFECTED PRODUCTS

vendor:	netapp	model:	h500s	scope:	eq	version:	-	Trust: 1.0
vendor:	isc	model:	bind	scope:	lt	version:	9.16.27	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.18.0	Trust: 1.0
vendor:	netapp	model:	h300s	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	netapp	model:	h410s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h410c	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h500e	scope:	eq	version:	-	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	36	Trust: 1.0
vendor:	netapp	model:	h700s	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h300e	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinec ins	scope:	lt	version:	1.0	Trust: 1.0
vendor:	netapp	model:	h700e	scope:	eq	version:	-	Trust: 1.0
vendor:	isc	model:	bind	scope:	gte	version:	9.16.11	Trust: 1.0
vendor:	siemens	model:	sinec ins	scope:	eq	version:	1.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	isc	model:	bind	scope:	gte	version:	9.17.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	日本電気	model:	esmpro/serveragent	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-001799 // NVD: CVE-2022-0396

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-0396
value:	MEDIUM
Trust: 1.0
security-officer@isc.org:	CVE-2022-0396
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-0396
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202203-1543
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2022-0396
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-0396
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2022-0396
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2022-001799
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2022-0396 // JVNDB: JVNDB-2022-001799 // CNNVD: CNNVD-202203-1543 // NVD: CVE-2022-0396 // NVD: CVE-2022-0396

PROBLEMTYPE DATA

problemtype:	CWE-404	Trust: 1.0
problemtype:	Improper shutdown and release of resources (CWE-404) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-001799 // NVD: CVE-2022-0396

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 166354 // CNNVD: CNNVD-202203-1543

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202203-1543

PATCH

title:	DoS from specifically crafted TCP packets NEC NEC Product security information	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/	Trust: 0.8
title:	ISC BIND Remediation of resource management error vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=186055	Trust: 0.6
title:	Ubuntu Security Notice: USN-5332-1: Bind vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5332-1	Trust: 0.1
title:	Red Hat: Moderate: bind security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228068 - Security Advisory	Trust: 0.1
title:	Debian Security Advisories: DSA-5105-1 bind9 -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=16d84b908a424f50b3236db9219500e3	Trust: 0.1
title:	Arch Linux Advisories: [ASA-202204-5] bind: denial of service	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202204-5	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2022-0396	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-166	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-166	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-138	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-138	Trust: 0.1

sources: VULMON: CVE-2022-0396 // JVNDB: JVNDB-2022-001799 // CNNVD: CNNVD-202203-1543

EXTERNAL IDS

db:	NVD	id:	CVE-2022-0396	Trust: 3.8
db:	SIEMENS	id:	SSA-637483	Trust: 1.7
db:	ICS CERT	id:	ICSA-22-258-05	Trust: 1.5
db:	JVN	id:	JVNVU99475301	Trust: 0.8
db:	JVN	id:	JVNVU98927070	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-001799	Trust: 0.8
db:	PACKETSTORM	id:	166354	Trust: 0.7
db:	PACKETSTORM	id:	169773	Trust: 0.7
db:	PACKETSTORM	id:	169587	Trust: 0.7
db:	PACKETSTORM	id:	169894	Trust: 0.7
db:	CS-HELP	id:	SB2022031701	Trust: 0.6
db:	CS-HELP	id:	SB2022031728	Trust: 0.6
db:	CS-HELP	id:	SB2022041925	Trust: 0.6
db:	CS-HELP	id:	SB2022032124	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4616	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1149	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1180	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5750	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1719	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1160	Trust: 0.6
db:	CNNVD	id:	CNNVD-202203-1543	Trust: 0.6
db:	VULMON	id:	CVE-2022-0396	Trust: 0.1
db:	PACKETSTORM	id:	169261	Trust: 0.1

sources: VULMON: CVE-2022-0396 // JVNDB: JVNDB-2022-001799 // PACKETSTORM: 166354 // PACKETSTORM: 169261 // PACKETSTORM: 169773 // PACKETSTORM: 169587 // PACKETSTORM: 169894 // CNNVD: CNNVD-202203-1543 // NVD: CVE-2022-0396

REFERENCES

url:	https://kb.isc.org/v1/docs/cve-2022-0396	Trust: 1.8
url:	https://security.gentoo.org/glsa/202210-25	Trust: 1.8
url:	https://security.netapp.com/advisory/ntap-20220408-0001/	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0396	Trust: 1.3
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/	Trust: 1.0
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05	Trust: 0.9
url:	http://jvn.jp/vu/jvnvu98927070/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99475301/	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2022-0396	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-0396/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4616	Trust: 0.6
url:	https://packetstormsecurity.com/files/166354/ubuntu-security-notice-usn-5332-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/169894/red-hat-security-advisory-2022-8068-01.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/isc-bind-denial-of-service-via-keep-response-order-tcp-connection-slots-37817	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022031728	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1160	Trust: 0.6
url:	https://packetstormsecurity.com/files/169773/red-hat-security-advisory-2022-7643-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1180	Trust: 0.6
url:	https://packetstormsecurity.com/files/169587/gentoo-linux-security-advisory-202210-25.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022041925	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1719	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-258-05	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5750	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022031701	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022032124	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1149	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-25220	Trust: 0.5
url:	https://ubuntu.com/security/notices/usn-5332-1	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-25220	Trust: 0.2
url:	https://access.redhat.com/security/team/contact/	Trust: 0.2
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.2
url:	https://access.redhat.com/security/team/key/	Trust: 0.2
url:	https://access.redhat.com/articles/11258	Trust: 0.2
url:	https://bugzilla.redhat.com/):	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/404.html	Trust: 0.1
url:	https://www.debian.org/security/2022/dsa-5105	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://alas.aws.amazon.com/al2022/alas-2022-166.html	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.10	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.16.15-1ubuntu1.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.17	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/bind9	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:7643	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-38178	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2906	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2881	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2795	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-25219	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3080	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-38177	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:8068	Trust: 0.1

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202203-1543

SOURCES

db:	VULMON	id:	CVE-2022-0396
db:	JVNDB	id:	JVNDB-2022-001799
db:	PACKETSTORM	id:	166354
db:	PACKETSTORM	id:	169261
db:	PACKETSTORM	id:	169773
db:	PACKETSTORM	id:	169587
db:	PACKETSTORM	id:	169894
db:	CNNVD	id:	CNNVD-202203-1543
db:	NVD	id:	CVE-2022-0396

LAST UPDATE DATE

2024-08-14T12:23:52.161000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-0396	date:	2022-11-16T00:00:00
db:	JVNDB	id:	JVNDB-2022-001799	date:	2022-09-20T06:14:00
db:	CNNVD	id:	CNNVD-202203-1543	date:	2022-11-17T00:00:00
db:	NVD	id:	CVE-2022-0396	date:	2024-01-21T02:05:10.713

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-0396	date:	2022-03-23T00:00:00
db:	JVNDB	id:	JVNDB-2022-001799	date:	2022-05-12T00:00:00
db:	PACKETSTORM	id:	166354	date:	2022-03-17T15:54:20
db:	PACKETSTORM	id:	169261	date:	2022-03-28T19:12:00
db:	PACKETSTORM	id:	169773	date:	2022-11-08T13:49:24
db:	PACKETSTORM	id:	169587	date:	2022-10-31T14:50:53
db:	PACKETSTORM	id:	169894	date:	2022-11-16T16:09:16
db:	CNNVD	id:	CNNVD-202203-1543	date:	2022-03-16T00:00:00
db:	NVD	id:	CVE-2022-0396	date:	2022-03-23T11:15:08.380