CVE 2022-1183
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch.
Related bugs and status
CVE-2022-1183 (Candidate) is related to these bugs:
Bug #1258003: DiG crashes on +nssearch with +tcp in bind9 9.18
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1258003 | DiG crashes on +nssearch with +tcp in bind9 9.18 | bind9 (Ubuntu) | High | Fix Released | ||
1258003 | DiG crashes on +nssearch with +tcp in bind9 9.18 | bind9 (Ubuntu Jammy) | High | Fix Released | ||
1258003 | DiG crashes on +nssearch with +tcp in bind9 9.18 | bind9 (Ubuntu Kinetic) | Undecided | Fix Released |
Bug #1970252: The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1970252 | The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04 | bind9 (Ubuntu) | High | Fix Released | ||
1970252 | The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04 | bind9 (Ubuntu Jammy) | High | Fix Released | ||
1970252 | The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04 | bind9 (Ubuntu Kinetic) | High | Fix Released |
Bug #1971250: Merge bind9 from Debian unstable for kinetic
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1971250 | Merge bind9 from Debian unstable for kinetic | bind9 (Ubuntu) | Undecided | Fix Released |
Bug #2003584: Add better DEP-8 tests
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2003584 | Add better DEP-8 tests | bind9 (Ubuntu) | Undecided | Fix Released | ||
2003584 | Add better DEP-8 tests | bind9 (Ubuntu Kinetic) | Undecided | Fix Released | ||
2003584 | Add better DEP-8 tests | bind9 (Ubuntu Focal) | Undecided | New | ||
2003584 | Add better DEP-8 tests | bind9 (Ubuntu Jammy) | Undecided | Fix Released |
Bug #2003586: MRE Updates 9.18.12 / 9.16.39
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind9 (Ubuntu) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind9 (Ubuntu Kinetic) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind9 (Ubuntu Focal) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind9 (Ubuntu Jammy) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind-dyndb-ldap (Ubuntu) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind-dyndb-ldap (Ubuntu Jammy) | Undecided | Fix Released | ||
2003586 | MRE Updates 9.18.12 / 9.16.39 | bind-dyndb-ldap (Ubuntu Kinetic) | Undecided | Fix Released |
Bug #2006972: bind9 can't load preinstalled plugins
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2006972 | bind9 can't load preinstalled plugins | bind9 (Ubuntu) | Undecided | Fix Released | ||
2006972 | bind9 can't load preinstalled plugins | bind9 (Ubuntu Jammy) | Undecided | Fix Released | ||
2006972 | bind9 can't load preinstalled plugins | bind9 (Ubuntu Lunar) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.