isc bind 密码学签名的验证不恰当

admin

0
文章

0
评论

2023-11-30 05:54:47 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 isc bind 密码学签名的验证不恰当

CVE编号

CVE-2022-38178

利用情况

暂无

补丁情况

官方补丁

披露时间

2022-09-21

漏洞描述

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.openwall.com/lists/oss-security/2022/09/21/3
https://kb.isc.org/docs/cve-2022-38178
https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.gentoo.org/glsa/202210-25
https://security.netapp.com/advisory/ntap-20221228-0009/
https://www.debian.org/security/2022/dsa-5235

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	isc	bind	*	From (including) 9.10.7	Up to (including) 9.10.8
	运行在以下环境
	应用	isc	bind	*	From (including) 9.11.3	Up to (including) 9.16.32
	运行在以下环境
	应用	isc	bind	*	From (including) 9.9.12	Up to (including) 9.9.13
	运行在以下环境
	应用	isc	bind	9.11.12	-
	运行在以下环境
	应用	isc	bind	9.11.14-s1	-
	运行在以下环境
	应用	isc	bind	9.11.19-s1	-
	运行在以下环境
	应用	isc	bind	9.11.21	-
	运行在以下环境
	应用	isc	bind	9.11.27	-
	运行在以下环境
	应用	isc	bind	9.11.29	-
	运行在以下环境
	应用	isc	bind	9.11.3	-
	运行在以下环境
	应用	isc	bind	9.11.35	-
	运行在以下环境
	应用	isc	bind	9.11.37	-
	运行在以下环境
	应用	isc	bind	9.11.5	-
	运行在以下环境
	应用	isc	bind	9.11.6	-
	运行在以下环境
	应用	isc	bind	9.11.7	-
	运行在以下环境
	应用	isc	bind	9.11.8	-
	运行在以下环境
	应用	isc	bind	9.16.11	-
	运行在以下环境
	应用	isc	bind	9.16.13	-
	运行在以下环境
	应用	isc	bind	9.16.21	-
	运行在以下环境
	应用	isc	bind	9.16.32	-
	运行在以下环境
	应用	isc	bind	9.16.8	-
	运行在以下环境
	系统	alibaba_cloud_linux_2.1903	bind-chroot	*		Up to (excluding) 9.11.4-26.P2.5.al7.10
	运行在以下环境
	系统	alpine_3.13	bind	*		Up to (excluding) 9.16.33-r0
	运行在以下环境
	系统	alpine_3.14	bind	*		Up to (excluding) 9.16.33-r0
	运行在以下环境
	系统	alpine_3.15	bind	*		Up to (excluding) 9.16.33-r0
	运行在以下环境
	系统	alpine_3.16	bind	*		Up to (excluding) 9.16.33-r0
	运行在以下环境
	系统	alpine_3.17	bind	*		Up to (excluding) 9.18.7-r0
	运行在以下环境
	系统	alpine_3.18	bind	*		Up to (excluding) 9.18.7-r0
	运行在以下环境
	系统	alpine_edge	bind	*		Up to (excluding) 9.18.7-r0
	运行在以下环境
	系统	amazon_2	bind	*		Up to (excluding) 9.11.4-26.P2.amzn2.13
	运行在以下环境
	系统	amazon_2023	bind	*		Up to (excluding) 9.16.38-1.amzn2023
	运行在以下环境
系统	anolis_os_7	bind-pkcs11-utils	*		Up to (excluding) 9.11.4-26
运行在以下环境
系统	anolis_os_8	bind9.16-license	*		Up to (excluding) 9.11.36-3
运行在以下环境
系统	centos_7	bind	*		Up to (excluding) 9.11.4-26.P2.el7_9.10
运行在以下环境
系统	centos_8	bind9.16-libs-debuginfo	*		Up to (excluding) 9.11.36-3.el8_6.1
运行在以下环境
系统	debian_10	bind9	*		Up to (excluding) 1:9.11.5.P4+dfsg-5.1+deb10u8
运行在以下环境
系统	debian_11	bind9	*		Up to (excluding) 1:9.16.33-1~deb11u1
运行在以下环境
系统	debian_12	bind9	*		Up to (excluding) 1:9.18.7-1
运行在以下环境
系统	debian_sid	bind9	*		Up to (excluding) 1:9.18.7-1
运行在以下环境
系统	fedora_35	bind-debugsource	*		Up to (excluding) 9.16.33-1.fc35
运行在以下环境
系统	fedora_36	bind-debugsource	*		Up to (excluding) 9.16.33-1.fc36
运行在以下环境
系统	fedora_37	bind-debugsource	*		Up to (excluding) 9.18.7-1.fc37
运行在以下环境
系统	fedora_38	bind-debugsource	*		Up to (excluding) 9.18.7-1.fc38
运行在以下环境
系统	kylinos_aarch64_V10SP1	bind	*		Up to (excluding) 9.11.21-8.p02.ky10
运行在以下环境
系统	kylinos_aarch64_V10SP2	bind	*		Up to (excluding) 9.11.21-10.p02.ky10
运行在以下环境
系统	kylinos_loongarch64_V10SP1	bind	*		Up to (excluding) 9.11.21-10.p01.a.ky10
运行在以下环境
系统	kylinos_loongarch64_V10SP3	bind	*		Up to (excluding) 9.11.21-10.p01.a.ky10
运行在以下环境
系统	kylinos_x86_64_V10SP1	bind	*		Up to (excluding) 9.11.21-8.p02.ky10
运行在以下环境
系统	kylinos_x86_64_V10SP2	bind	*		Up to (excluding) 9.11.21-10.p02.ky10
运行在以下环境
系统	opensuse_Leap_15.3	libdns1605-32bit	*		Up to (excluding) 9.16.6-150300.22.21.2
运行在以下环境
系统	opensuse_Leap_15.4	bind-utils	*		Up to (excluding) 9.16.6-150000.12.63.1
运行在以下环境
系统	oracle_7	oraclelinux-release	*		Up to (excluding) 9.11.4-26.P2.el7_9.10
运行在以下环境
系统	oracle_8	oraclelinux-release	*		Up to (excluding) 9.11.36-3.el8_6.1
运行在以下环境
系统	oracle_9	oraclelinux-release	*		Up to (excluding) 9.16.23-1.el9_0.1
运行在以下环境
系统	redhat_7	bind	*		Up to (excluding) 9.11.4-26.P2.el7_9.10
运行在以下环境
系统	redhat_8	bind9.16-libs-debuginfo	*		Up to (excluding) 9.11.36-3.el8_6.1
运行在以下环境
系统	redhat_9	bind-chroot	*		Up to (excluding) 9.16.23-1.el9_0.1
运行在以下环境
系统	suse_12_SP5	bind-doc	*		Up to (excluding) 9.11.22-3.43.1
运行在以下环境
系统	ubuntu_18.04	bind9	*		Up to (excluding) 1:9.11.3+dfsg-1ubuntu1.18
运行在以下环境
系统	ubuntu_20.04	bind9	*		Up to (excluding) 1:9.16.1-0ubuntu2.11
运行在以下环境
系统	ubuntu_22.04	bind9	*		Up to (excluding) 1:9.18.1-1ubuntu1.2
运行在以下环境
系统	ubuntu_22.10	bind9	*		Up to (excluding) 1:9.18.4-2ubuntu2
运行在以下环境
系统	unionos_a	bind	*		Up to (excluding) bind-9.11.36-3.uelc20.2
运行在以下环境
系统	unionos_c	bind	*		Up to (excluding) bind-9.11.4-26.P2.uelc20.10
运行在以下环境
系统	unionos_d	bind9	*		Up to (excluding) 1:9.11.5.P4.3+dfsg.6.1-deepin1
运行在以下环境
系统	unionos_e	bind	*		Up to (excluding) bind-9.11.21-14.uel20