named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries

CVE-2022-3736

7.5HIGH

Key Information

Vendor: Isc
Status: Bind 9
Vendor: CVE Published:; 26 January 2023

Badges

👾 Exploit Exists

Summary

BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

Affected Version(s)

BIND 9 <= 9.16.36

BIND 9 <= 9.18.10

BIND 9 <= 9.19.8

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Aug 3, 2024
Vulnerability published.
Jan 26, 2023
Vulnerability Reserved.
Oct 28, 2022

Collectors

NVD DatabaseMitre Database

Credit

ISC would like to thank Borja Marcos from Sarenet (with assistance by Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to our attention.