Buffer overread in statistics channel code
CVE-2022-2881
5.5MEDIUM
Summary
The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
Affected Version(s)
BIND9 Open Source Branch 9.18 9.18.0 through versions before 9.18.7
BIND9 Development Branch 9.19 9.19.0 through versions before 9.19.5
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database