CVE-2022-0667

Name of the Vulnerable Software and Affected Versions BIND version 9.18.0

Description The issue is related to the processing of a DS record request that needs to be forwarded. When this request is processed, the system waits for the processing to complete or for a timeout to occur. Due to this timeout, the resume dslookup() function is called without checking if the lookup was previously completed. This allows a remote attacker to trigger an assertion failure, causing the BIND process to terminate and resulting in a denial of service.

Recommendations For BIND version 9.18.0, consider disabling the DS record forwarding feature until a patch is available to prevent the resume dslookup() function from being called without proper checks, thus minimizing the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.