StarlingX

Debian CVE: CVE-2022-2795 / CVE-2022-3080 / CVE-2022-38177 / CVE-2022-38178: bind9: multiple CVEs

Bug #1994099 reported by Yue Tao
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Medium
Wentao Zhang

Bug Description

CVE-2022-2795: [https://nvd.nist.gov/vuln/detail/CVE-2022-2795]
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

CVE-2022-3080: [https://nvd.nist.gov/vuln/detail/CVE-2022-3080]
By sending specific queries to the resolver, an attacker can cause named to crash.

CVE-2022-38177: [https://nvd.nist.gov/vuln/detail/CVE-2022-38177]
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

CVE-2022-38178: [https://nvd.nist.gov/vuln/detail/CVE-2022-38178]
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-2795 fixed 7.5 N L N N H
CVE-2022-3080 fixed 7.5 N L N N H
CVE-2022-38177 fixed 7.5 N L N N H
CVE-2022-38178 fixed 7.5 N L N N H

References:
https://www.debian.org/security/2022/dsa-5235

['bind9-dnsutils_1:9.16.27-1~deb11u1_amd64.deb===>bind9-dnsutils_1:9.16.33-1~deb11u1_amd64.deb', 'bind9-host_1:9.16.27-1~deb11u1_amd64.deb===>bind9-host_1:9.16.33-1~deb11u1_amd64.deb', 'bind9-libs_1:9.16.27-1~deb11u1_amd64.deb===>bind9-libs_1:9.16.33-1~deb11u1_amd64.deb']

Revision history for this message
Ghada Khalil (gkhalil) wrote (last edit ):

screening: stx.8.0 / medium - CVE meets the stx fix criteria

Changed in starlingx:
importance: Undecided → Medium
tags: added: stx.8.0 stx.security
information type: Public → Public Security
Changed in starlingx:
assignee: nobody → Wentao Zhang (wzhang4)
Ghada Khalil (gkhalil)
Changed in starlingx:
status: New → Triaged
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/862366

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/862366
Committed: https://opendev.org/starlingx/tools/commit/b299878b1e77f45ed8ebb190c0fa8afd321bad42
Submitter: "Zuul (22348)"
Branch: master

commit b299878b1e77f45ed8ebb190c0fa8afd321bad42
Author: Wentao Zhang <email address hidden>
Date: Mon Oct 31 08:36:15 2022 +0800

    Debian: bind9:fix CVE-2022-2795, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178

    Upgrade bind9 to a version that the above CVEs have been fixed:
    bind9-dnsutils_1:9.16.27-1~deb11u1_amd64.deb to
    bind9-dnsutils_1:9.16.33-1~deb11u1_amd64.deb
    bind9-host_1:9.16.27-1~deb11u1_amd64.deb to
    bind9-host_1:9.16.33-1~deb11u1_amd64.deb
    bind9-libs_1:9.16.27-1~deb11u1_amd64.deb to
    bind9-libs_1:9.16.33-1~deb11u1_amd64.deb

    (Refer to https://www.debian.org/security/2022/dsa-5235)

    This fix provides the URL of the package in base-bullseye.lst to
    make sure that the binary package can be downloaded no matter how
    the upstream changes.

    Test plan:
    PASS: build-pkgs --clean --all && build-image

    Closes-bug: 1994099
    Signed-off-by: Wentao Zhang<email address hidden>
    Change-Id: I155dc621386339db337e0987c698e13634d36750

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.