named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
CVE-2022-3924

7.5HIGH

Key Information:

Vendor: Isc
Status: Bind 9
Vendor: CVE Published:; 26 January 2023

Badges

👾 Exploit Exists

What is CVE-2022-3924?

The vulnerability in BIND 9 resolvers occurs due to improper handling of client queries when the 'stale-answer-enable' option is activated along with a positive 'stale-answer-client-timeout' setting. When the resolver experiences a high volume of recursive queries, it may need to terminate the longest waiting client in order to serve a new request. This scenario risks a race condition between sending a stale answer and issuing a 'SERVFAIL' response, potentially leading to an assertion failure that disrupts normal operations. Systems running vulnerable versions of BIND 9 should be assessed and updated to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BIND 9 9.16.12 <= 9.16.36

BIND 9 9.18.0 <= 9.18.10

BIND 9 9.19.0 <= 9.19.8

References

https://kb.isc.org/docs/cve-2022-3924

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Jan 26, 2023
Vulnerability Reserved
Nov 10, 2022

Credit

ISC would like to thank Maksym Odinintsev from AWS for bringing this vulnerability to our attention.

JSON

Isc

Badges

What is CVE-2022-3924?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.