CVE-2022-2795
Processing large delegations may severely degrade resolver performance
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Productos afectados
ISC · BIND9¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://kb.isc.org/docs/cve-2022-2795https://lists.debian.org/debian-lts-announce/2022/10/msg00007.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/https://security.gentoo.org/glsa/202210-25https://security.netapp.com/advisory/ntap-20241129-0002/https://www.debian.org/security/2022/dsa-5235http://www.openwall.com/lists/oss-security/2022/09/21/3