CVE-2022-2795
Processing large delegations may severely degrade resolver performance
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected products
ISC · BIND9Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://kb.isc.org/docs/cve-2022-2795https://lists.debian.org/debian-lts-announce/2022/10/msg00007.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/https://security.gentoo.org/glsa/202210-25https://security.netapp.com/advisory/ntap-20241129-0002/https://www.debian.org/security/2022/dsa-5235http://www.openwall.com/lists/oss-security/2022/09/21/3