{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-2881", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "datePublished": "2022-09-21T10:15:26.604481Z", "dateUpdated": "2024-09-17T03:59:41.045Z", "dateReserved": "2022-08-17T00:00:00"}, "containers": {"cna": {"title": "Buffer overread in statistics channel code", "datePublic": "2022-09-21T00:00:00", "providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2022-10-31T00:00:00"}, "descriptions": [{"lang": "en", "value": "The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process."}], "affected": [{"vendor": "ISC", "product": "BIND9", "versions": [{"version": "Open Source Branch 9.18 9.18.0 through versions before 9.18.7", "status": "affected"}, {"version": "Development Branch 9.19 9.19.0 through versions before 9.19.5", "status": "affected"}]}], "references": [{"url": "https://kb.isc.org/docs/cve-2022-2881"}, {"name": "[oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"name": "GLSA-202210-25", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202210-25"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "In BIND 9.18.0 -> 9.18.6 and versions 9.19.0 -> 9.19.4 of the BIND 9.19 development branch, when an HTTP connection was reused to request statistics from the stats channel, the content length of successive responses could grow in size past the end of the allocated buffer."}]}], "source": {"discovery": "INTERNAL"}, "workarounds": [{"lang": "en", "value": "Disable the statistics channel."}], "exploits": [{"lang": "en", "value": "This flaw was discovered in internal testing. We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of BIND: BIND 9.18.7 or BIND 9.19.5."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:53:00.479Z"}, "title": "CVE Program Container", "references": [{"url": "https://kb.isc.org/docs/cve-2022-2881", "tags": ["x_transferred"]}, {"name": "[oss-security] 20220921 ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"name": "GLSA-202210-25", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202210-25"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", "matchCriteriaId": "BAE4B411-40F7-422D-8A5C-775ED1D00189", "versionEndExcluding": "9.18.7", "versionStartIncluding": "9.18.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*", "matchCriteriaId": "3E1EC206-AC11-4A7E-9723-C4F69FF76892", "versionEndExcluding": "9.19.5", "versionStartIncluding": "9.19.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process."}, {"lang": "es", "value": "Un fallo subyacente podr\u00eda causar que sea le\u00eddo m\u00e1s all\u00e1 del final del buffer y que sea le\u00edda memoria que no deber\u00eda leer, o que bloquear\u00e1 el proceso"}], "id": "CVE-2022-2881", "lastModified": "2024-11-21T07:01:51.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 4.2, "source": "security-officer@isc.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-21T11:15:09.563", "references": [{"source": "security-officer@isc.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"source": "security-officer@isc.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.isc.org/docs/cve-2022-2881"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202210-25"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.isc.org/docs/cve-2022-2881"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202210-25"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "bind: buffer overread in statistics channel code", "id": "2128594", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128594"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-126", "details": ["The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.", "A flaw was found in the Bind package. When an HTTP connection was reused to request statistics from the stats channel, the content length of successive responses could grow in size past the end of the allocated buffer, affecting the availability."], "name": "CVE-2022-2881", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind9.16", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dhcp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-09-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-2881\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2881\nhttps://kb.isc.org/docs/cve-2022-2881"], "statement": "This flaw only affects versions BIND-9.18.0 and higher, whereas Red Hat ships BIND-9.16 and lower versions. Therefore, versions of BIND shipped with Red Hat Products are not affected by this flaw.", "threat_severity": "Moderate"}