Isc · Bind · CVE-2022-3080
**Name of the Vulnerable Software and Affected Versions**
BIND versions (affected versions not specified)
**Description**
The issue is related to a flaw in the resolver code, allowing an attacker to cause the named service to crash by sending specific queries. This can lead to a denial of service (DoS) attack, where the attacker can severely degrade the resolver's performance, denying legitimate clients access to the DNS resolution service. The vulnerability is also associated with insufficient input validation when handling the `stale-answer-client-timeout` parameter with a value of 0 and the use of CNAME record types in the cache for incoming requests.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.