PT-2022-4860 · Isc+5 · Bind+5

Published

2022-09-21

Updated

2025-12-01

CVE-2022-2881

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:C

Name of the Vulnerable Software and Affected Versions BIND versions (affected versions not specified)

Description The issue is related to a buffer overflow bug that can cause the process to read past the end of the buffer, potentially allowing an attacker to read memory that should not be accessible or crash the process. This can be exploited by a remote attacker to gain access to protected information or cause a denial of service. The vulnerability is also associated with boundary conditions when reusing an HTTP connection to request statistics from a statistics channel, which can lead to a read beyond bounds error or a denial of service attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2022-05984

CVE-2022-2881

OESA-2022-1981

OESA-2022-1982

OESA-2022-1983

OPENSUSE-SU-2024:12356-1

USN-5626-1

Affected Products

Bind

Bind Server

Debian

Linuxmint

Red Os

Ubuntu

PT-2022-4860 · Isc+5 · Bind+5

CVE-2022-2881

Weakness Enumeration

Related Identifiers

Affected Products

References · 45