PT-2022-6539 · ISC · BIND
Published 2022-03-16 · Updated 2024-06-15
CVE-2022-0396
CVSS v3.1: 6.8 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
BIND versions 9.16.11 through 9.16.26
BIND versions 9.17.0 through 9.18.0
BIND Supported Preview Edition versions 9.16.11-S1 through 9.16.26-S1
Description
The vulnerability stems from improper resource cleanup in BIND's TCP handling. A remote attacker who sends specially crafted TCP streams to a server with 'keep-response-order' enabled can leave connections stuck in the CLOSE_WAIT state indefinitely, even after the client has closed its side of the connection.
Recommendations
For BIND versions 9.16.11 through 9.16.26, update to a version outside of this range to resolve the issue.
For BIND versions 9.17.0 through 9.18.0, update to a version outside of this range to resolve the issue.
For BIND Supported Preview Edition versions 9.16.11-S1 through 9.16.26-S1, update to a version outside of this range to resolve the issue.
As a temporary workaround, restrict the use of 'keep-response-order' so that it applies to as few TCP clients as possible, which minimizes the risk of exploitation.
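The description and the workaround above can be turned into a simple host check. The script below is an added example, not code from the advisory or from ISC: it flags a named.conf that enables 'keep-response-order' for any client and counts DNS TCP sockets sitting in CLOSE_WAIT in `ss -tan` style output. It assumes the option takes an address match list with a default of `{ none; }` (as in the 9.16-era configuration syntax); both inputs are constructed samples.

```python
import re

# Constructed sample of 'ss -tan' output (not captured from a real host).
SAMPLE_SS = """\
State      Recv-Q Send-Q Local Address:Port  Peer Address:Port
ESTAB      0      0      192.0.2.53:53       198.51.100.7:41232
CLOSE-WAIT 0      0      192.0.2.53:53       198.51.100.7:41240
CLOSE-WAIT 0      0      192.0.2.53:53       198.51.100.9:50011
CLOSE-WAIT 0      0      192.0.2.53:22       203.0.113.4:60100
LISTEN     0      128    0.0.0.0:53          0.0.0.0:*
"""

# Constructed named.conf fragment with the risky option enabled for all clients.
SAMPLE_CONF = """\
options {
    directory "/var/cache/bind";
    keep-response-order { any; };
};
"""

def count_close_wait(ss_output, port=53):
    """Count sockets in CLOSE_WAIT whose local port is `port` (ss or netstat spelling)."""
    n = 0
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":  # skip header / short lines
            continue
        state = fields[0].replace("-", "_").upper()   # CLOSE-WAIT -> CLOSE_WAIT
        local_port = fields[3].rsplit(":", 1)[-1]      # works for [::]:53 too
        if state == "CLOSE_WAIT" and local_port == str(port):
            n += 1
    return n

# Captures the address match list between the braces, e.g. '{ any; }'.
KRO = re.compile(r"keep-response-order\s*\{([^}]*)\}")

def keep_response_order_enabled(conf_text):
    """True if any keep-response-order clause matches more than 'none'."""
    for m in KRO.finditer(conf_text):
        entries = [e.strip() for e in m.group(1).split(";") if e.strip()]
        if entries and entries != ["none"]:
            return True
    return False

def assess(conf_text, ss_output, threshold=2):
    """Combine both signals: option enabled AND CLOSE_WAIT sockets piling up on 53."""
    stuck = count_close_wait(ss_output)
    enabled = keep_response_order_enabled(conf_text)
    return {"keep_response_order": enabled, "close_wait_53": stuck,
            "suspect": enabled and stuck >= threshold}
```

The config scan is a plain regex and does not skip commented-out lines, so treat a hit as a prompt to inspect named.conf, not as proof.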
Weakness Enumeration
Improper Resource Release
Affected Products
AlmaLinux
BIND
BIND Server
CentOS
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu