{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38178", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "dateUpdated": "2022-12-28T00:00:00", "dateReserved": "2022-08-12T00:00:00", "datePublished": "2022-09-21T00:00:00"}, "containers": {"cna": {"title": "Memory leaks in EdDSA DNSSEC verification code", "datePublic": "2022-09-21T00:00:00", "providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2022-12-28T00:00:00"}, "descriptions": [{"lang": "en", "value": "By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources."}], "affected": [{"vendor": "ISC", "product": "BIND9", "versions": [{"version": "Open Source Branch 9.9 9.9.12 through versions up to and including 9.9.13", "status": "affected"}, {"version": "Open Source Branch 9.10 9.10.7 through versions up to and including 9.10.8", "status": "affected"}, {"version": "Open Source Branches 9.11 through 9.16 9.11.3 through versions before 9.16.33", "status": "affected"}, {"version": "Open Source Branch 9.18 9.18.0 through versions before 9.18.7", "status": "affected"}, {"version": "Supported Preview Branch 9.11-S 9.11.4-S1 through versions up to and including 9.11.37-S1", "status": "affected"}, {"version": "Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.33-S1", "status": "affected"}, {"version": "Development Branch 9.19 9.19.0 through versions before 9.19.5", "status": "affected"}]}], "references": [{"url": "https://kb.isc.org/docs/cve-2022-38178"}, {"name": "[oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"name": "DSA-5235", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2022/dsa-5235"}, {"name": "FEDORA-2022-ef038365de", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"}, {"name": "FEDORA-2022-8268735e06", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"}, {"name": "FEDORA-2022-b197d64471", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}, {"name": "[debian-lts-announce] 20221005 [SECURITY] [DLA 3138-1] bind9 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"}, {"name": "GLSA-202210-25", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202210-25"}, {"url": "https://security.netapp.com/advisory/ntap-20221228-0009/"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.16.32, 9.18.0 -> 9.18.6, versions 9.11.4-S1 -> 9.11.37-S1, 9.16.8-S1 -> 9.16.32-S1 of the BIND Supported Preview Edition, and versions 9.19.0 -> 9.19.4 of the BIND 9.19 development branch, the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch."}]}], "source": {"discovery": "INTERNAL"}, "workarounds": [{"lang": "en", "value": "Disable the following algorithms in your configuration using the disable-algorithms option: ED25519, ED448. Note that this causes zones signed with these algorithms to be treated as insecure."}], "exploits": [{"lang": "en", "value": "This flaw was discovered in internal testing. We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND: BIND 9.16.33, BIND 9.18.7, BIND 9.19.5, or for BIND Supported Preview Edition (a special feature preview branch of BIND provided to eligible ISC support customers): BIND 9.16.33-S1."}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "444F158A-CA67-4E10-9F4B-DC47B9855E95", "versionEndIncluding": "9.9.13", "versionStartIncluding": "9.9.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "B60E5A42-D9B1-47FF-95AB-E19E54AC90C2", "versionEndIncluding": "9.10.8", "versionStartIncluding": "9.10.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D33CEC6-E786-49B7-8DDA-13250DB1C9C9", "versionEndIncluding": "9.16.32", "versionStartIncluding": "9.11.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "C2FE13E1-0646-46FC-875B-CB4C34E20101", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview:*:*:*", "matchCriteriaId": "39995ADF-74CC-4035-ADB2-010F676FCEC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview:*:*", "matchCriteriaId": "B6F72F80-D178-4F6D-8D16-85C0DEEE275B", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*", "matchCriteriaId": "1AA16E51-819C-4A1B-B66E-1C60C1782C0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*", "matchCriteriaId": "91533F9F-C0E5-4E84-8A4C-F744F956BF97", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*", "matchCriteriaId": "46E6A4BD-D69B-4A70-821D-5612DD1315EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "8AF9D390-0D5B-4963-A2D3-BF1E7CD95E9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "AB2B92F1-6BA8-41CA-9000-E0633462CC28", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "02CA4635-7DFC-408E-A837-856E0F96CA1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "3CABCB08-B838-45F7-AA87-77C6B8767DD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.14-s1:*:*:*:preview:*:*:*", "matchCriteriaId": "FB597385-BCFD-4CDB-9328-B4F76D586E4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.19-s1:*:*:*:preview:*:*:*", "matchCriteriaId": "42C76CEF-FD0B-40A4-B246-A71F3EC72B29", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "5CC1F26C-4757-4C87-BD8B-2FA456A88C6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "582A4948-B64F-45D4-807A-846A85BB6B42", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "F22E7F6A-0714-480D-ACDF-5027FD6697B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "255AEB06-F071-4433-93E5-9436086C1A6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "EF14D712-5FCF-492F-BE3E-745109E9D6E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "288EAD80-574B-4839-9C2C-81D6D088A733", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "3595F024-F910-4356-8B5B-D478960FF574", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "94661BA2-27F8-4FFE-B844-9404F735579D", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "751E37C2-8BFD-4306-95C1-8C01CE495FA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*", "matchCriteriaId": "CC432820-F1A2-4132-A673-2620119553C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources."}, {"lang": "es", "value": "Al falsificar el resolver objetivo con respuestas que presentan una firma EdDSA malformada, un atacante puede desencadenar una peque\u00f1a p\u00e9rdida de memoria. Es posible erosionar gradualmente la memoria disponible hasta el punto de que named sea bloqueado por falta de recursos"}], "id": "CVE-2022-38178", "lastModified": "2023-11-07T03:50:04.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-officer@isc.org", "type": "Secondary"}]}, "published": "2022-09-21T11:15:09.733", "references": [{"source": "security-officer@isc.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://kb.isc.org/docs/cve-2022-38178"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"}, {"source": "security-officer@isc.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202210-25"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20221228-0009/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5235"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}