Vulnerability Details : CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Products affected by CVE-2022-38178
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.11.5:s3:*:*:*:supported_preview:*:*
- cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.14-s1:*:*:*:preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.19-s1:*:*:*:preview:*:*:*
- cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Threat overview for CVE-2022-38178
Top countries where our scanners detected CVE-2022-38178
Top open port discovered on systems with this issue
53
IPs affected by CVE-2022-38178 1,205,646
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2022-38178!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2022-38178
0.68%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-38178
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Internet Systems Consortium (ISC) |
CWE ids for CVE-2022-38178
-
The product does not verify, or incorrectly verifies, the cryptographic signature for data.Assigned by: nvd@nist.gov (Primary)
-
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2022-38178
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/
[SECURITY] Fedora 35 Update: bind-dyndb-ldap-11.9-16.fc35 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
[SECURITY] Fedora 36 Update: bind-9.16.33-1.fc36 - package-announce - Fedora Mailing-Lists
-
https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html
[SECURITY] [DLA 3138-1] bind9 security updateMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/
[SECURITY] Fedora 35 Update: bind-dyndb-ldap-11.9-16.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
[SECURITY] Fedora 37 Update: bind-9.18.7-1.fc37 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/
[SECURITY] Fedora 36 Update: bind-9.16.33-1.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20221228-0009/
CVE-2022-38178 ISC BIND Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.debian.org/security/2022/dsa-5235
Debian -- Security Information -- DSA-5235-1 bind9Third Party Advisory
-
https://security.gentoo.org/glsa/202210-25
ISC BIND: Multiple Vulnerabilities (GLSA 202210-25) — Gentoo securityThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2022/09/21/3
oss-security - ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)Mailing List;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/
[SECURITY] Fedora 37 Update: bind-9.18.7-1.fc37 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://kb.isc.org/docs/cve-2022-38178
CVE-2022-38178: Memory leaks in EdDSA DNSSEC verification codeMailing List;Third Party Advisory
Jump to