CVE-2022-0635

7.5HIGH

Key Information

Vendor: Isc
Status: Bind
Vendor: CVE Published:; 23 March 2022

Summary

Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.

Affected Version(s)

BIND = Open Source Branch 9.18 9.18.0

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Mar 23, 2022
Vulnerability Reserved.
Feb 16, 2022

Collectors

NVD DatabaseMitre Database

Credit

ISC would like to thank Vincent Levigneron of AFNIC for reporting this issue to us and for verifying the fix and workaround.