VAR-202203-0664
Vulnerability from variot - Updated: 2025-12-22 22:20
Affected versions: BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
The cache could become poisoned with incorrect records, leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Bogus NS records supplied by the forwarders may be cached and used by named if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. (CVE-2021-25220)
By flooding the target resolver with queries exploiting this flaw, an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795)
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38177)
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178)
9) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
The following advisory data is extracted from:
https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: bind security update
Advisory ID: RHSA-2022:7790-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7790
Issue date: 2022-11-08
CVE Names: CVE-2021-25220
====================================================================
1. Summary:
An update for bind is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
- bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
5. Bugs fixed (https://bugzilla.redhat.com/):
2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
aarch64: bind-9.11.36-5.el8.aarch64.rpm bind-chroot-9.11.36-5.el8.aarch64.rpm bind-debuginfo-9.11.36-5.el8.aarch64.rpm bind-debugsource-9.11.36-5.el8.aarch64.rpm bind-devel-9.11.36-5.el8.aarch64.rpm bind-export-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-libs-9.11.36-5.el8.aarch64.rpm bind-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-libs-lite-9.11.36-5.el8.aarch64.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.aarch64.rpm bind-lite-devel-9.11.36-5.el8.aarch64.rpm bind-pkcs11-9.11.36-5.el8.aarch64.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.aarch64.rpm bind-pkcs11-devel-9.11.36-5.el8.aarch64.rpm bind-pkcs11-libs-9.11.36-5.el8.aarch64.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-pkcs11-utils-9.11.36-5.el8.aarch64.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.aarch64.rpm bind-sdb-9.11.36-5.el8.aarch64.rpm bind-sdb-chroot-9.11.36-5.el8.aarch64.rpm bind-sdb-debuginfo-9.11.36-5.el8.aarch64.rpm bind-utils-9.11.36-5.el8.aarch64.rpm bind-utils-debuginfo-9.11.36-5.el8.aarch64.rpm
noarch: bind-license-9.11.36-5.el8.noarch.rpm python3-bind-9.11.36-5.el8.noarch.rpm
ppc64le: bind-9.11.36-5.el8.ppc64le.rpm bind-chroot-9.11.36-5.el8.ppc64le.rpm bind-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-debugsource-9.11.36-5.el8.ppc64le.rpm bind-devel-9.11.36-5.el8.ppc64le.rpm bind-export-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-libs-9.11.36-5.el8.ppc64le.rpm bind-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-libs-lite-9.11.36-5.el8.ppc64le.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-lite-devel-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-devel-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-libs-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-utils-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-sdb-9.11.36-5.el8.ppc64le.rpm bind-sdb-chroot-9.11.36-5.el8.ppc64le.rpm bind-sdb-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-utils-9.11.36-5.el8.ppc64le.rpm bind-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm
s390x: bind-9.11.36-5.el8.s390x.rpm bind-chroot-9.11.36-5.el8.s390x.rpm bind-debuginfo-9.11.36-5.el8.s390x.rpm bind-debugsource-9.11.36-5.el8.s390x.rpm bind-devel-9.11.36-5.el8.s390x.rpm bind-export-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-libs-9.11.36-5.el8.s390x.rpm bind-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-libs-lite-9.11.36-5.el8.s390x.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.s390x.rpm bind-lite-devel-9.11.36-5.el8.s390x.rpm bind-pkcs11-9.11.36-5.el8.s390x.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.s390x.rpm bind-pkcs11-devel-9.11.36-5.el8.s390x.rpm bind-pkcs11-libs-9.11.36-5.el8.s390x.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-pkcs11-utils-9.11.36-5.el8.s390x.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.s390x.rpm bind-sdb-9.11.36-5.el8.s390x.rpm bind-sdb-chroot-9.11.36-5.el8.s390x.rpm bind-sdb-debuginfo-9.11.36-5.el8.s390x.rpm bind-utils-9.11.36-5.el8.s390x.rpm bind-utils-debuginfo-9.11.36-5.el8.s390x.rpm
x86_64: bind-9.11.36-5.el8.x86_64.rpm bind-chroot-9.11.36-5.el8.x86_64.rpm bind-debuginfo-9.11.36-5.el8.i686.rpm bind-debuginfo-9.11.36-5.el8.x86_64.rpm bind-debugsource-9.11.36-5.el8.i686.rpm bind-debugsource-9.11.36-5.el8.x86_64.rpm bind-devel-9.11.36-5.el8.i686.rpm bind-devel-9.11.36-5.el8.x86_64.rpm bind-export-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-export-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-libs-9.11.36-5.el8.i686.rpm bind-libs-9.11.36-5.el8.x86_64.rpm bind-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-libs-lite-9.11.36-5.el8.i686.rpm bind-libs-lite-9.11.36-5.el8.x86_64.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.i686.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.x86_64.rpm bind-lite-devel-9.11.36-5.el8.i686.rpm bind-lite-devel-9.11.36-5.el8.x86_64.rpm bind-pkcs11-9.11.36-5.el8.x86_64.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.x86_64.rpm bind-pkcs11-devel-9.11.36-5.el8.i686.rpm bind-pkcs11-devel-9.11.36-5.el8.x86_64.rpm bind-pkcs11-libs-9.11.36-5.el8.i686.rpm bind-pkcs11-libs-9.11.36-5.el8.x86_64.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-pkcs11-utils-9.11.36-5.el8.x86_64.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.x86_64.rpm bind-sdb-9.11.36-5.el8.x86_64.rpm bind-sdb-chroot-9.11.36-5.el8.x86_64.rpm bind-sdb-debuginfo-9.11.36-5.el8.i686.rpm bind-sdb-debuginfo-9.11.36-5.el8.x86_64.rpm bind-utils-9.11.36-5.el8.x86_64.rpm bind-utils-debuginfo-9.11.36-5.el8.i686.rpm bind-utils-debuginfo-9.11.36-5.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source: bind-9.11.36-5.el8.src.rpm
aarch64: bind-debuginfo-9.11.36-5.el8.aarch64.rpm bind-debugsource-9.11.36-5.el8.aarch64.rpm bind-export-devel-9.11.36-5.el8.aarch64.rpm bind-export-libs-9.11.36-5.el8.aarch64.rpm bind-export-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.aarch64.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.aarch64.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.aarch64.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.aarch64.rpm bind-sdb-debuginfo-9.11.36-5.el8.aarch64.rpm bind-utils-debuginfo-9.11.36-5.el8.aarch64.rpm
ppc64le: bind-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-debugsource-9.11.36-5.el8.ppc64le.rpm bind-export-devel-9.11.36-5.el8.ppc64le.rpm bind-export-libs-9.11.36-5.el8.ppc64le.rpm bind-export-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-sdb-debuginfo-9.11.36-5.el8.ppc64le.rpm bind-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm
s390x: bind-debuginfo-9.11.36-5.el8.s390x.rpm bind-debugsource-9.11.36-5.el8.s390x.rpm bind-export-devel-9.11.36-5.el8.s390x.rpm bind-export-libs-9.11.36-5.el8.s390x.rpm bind-export-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.s390x.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.s390x.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.s390x.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.s390x.rpm bind-sdb-debuginfo-9.11.36-5.el8.s390x.rpm bind-utils-debuginfo-9.11.36-5.el8.s390x.rpm
x86_64: bind-debuginfo-9.11.36-5.el8.i686.rpm bind-debuginfo-9.11.36-5.el8.x86_64.rpm bind-debugsource-9.11.36-5.el8.i686.rpm bind-debugsource-9.11.36-5.el8.x86_64.rpm bind-export-devel-9.11.36-5.el8.i686.rpm bind-export-devel-9.11.36-5.el8.x86_64.rpm bind-export-libs-9.11.36-5.el8.i686.rpm bind-export-libs-9.11.36-5.el8.x86_64.rpm bind-export-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-export-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.i686.rpm bind-libs-lite-debuginfo-9.11.36-5.el8.x86_64.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-debuginfo-9.11.36-5.el8.x86_64.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-libs-debuginfo-9.11.36-5.el8.x86_64.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.i686.rpm bind-pkcs11-utils-debuginfo-9.11.36-5.el8.x86_64.rpm bind-sdb-debuginfo-9.11.36-5.el8.i686.rpm bind-sdb-debuginfo-9.11.36-5.el8.x86_64.rpm bind-utils-debuginfo-9.11.36-5.el8.i686.rpm bind-utils-debuginfo-9.11.36-5.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2021-25220
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
8. Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202210-25
https://security.gentoo.org/
Severity: Low
Title: ISC BIND: Multiple Vulnerabilities
Date: October 31, 2022
Bugs: #820563, #835439, #872206
ID: 202210-25
Synopsis
Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind         < 9.16.33    >= 9.16.33
2 net-dns/bind-tools   < 9.16.33    >= 9.16.33
Description
Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ISC BIND users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-dns/bind-9.16.33"
All ISC BIND-tools users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-dns/bind-tools-9.16.33"
References
[ 1 ] CVE-2021-25219 https://nvd.nist.gov/vuln/detail/CVE-2021-25219
[ 2 ] CVE-2021-25220 https://nvd.nist.gov/vuln/detail/CVE-2021-25220
[ 3 ] CVE-2022-0396 https://nvd.nist.gov/vuln/detail/CVE-2022-0396
[ 4 ] CVE-2022-2795 https://nvd.nist.gov/vuln/detail/CVE-2022-2795
[ 5 ] CVE-2022-2881 https://nvd.nist.gov/vuln/detail/CVE-2022-2881
[ 6 ] CVE-2022-2906 https://nvd.nist.gov/vuln/detail/CVE-2022-2906
[ 7 ] CVE-2022-3080 https://nvd.nist.gov/vuln/detail/CVE-2022-3080
[ 8 ] CVE-2022-38177 https://nvd.nist.gov/vuln/detail/CVE-2022-38177
[ 9 ] CVE-2022-38178 https://nvd.nist.gov/vuln/detail/CVE-2022-38178
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202210-25
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
==========================================================================
Ubuntu Security Notice USN-5332-1
March 17, 2022
bind9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Bind.
Software Description:
- bind9: Internet Domain Name Server
Details:
Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. (CVE-2021-25220)
It was discovered that Bind incorrectly handled certain crafted TCP streams. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2022-0396)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: bind9 1:9.16.15-1ubuntu1.2
Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.10
Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.17
In general, a standard system update will make all the necessary changes.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0664",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h700e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h500e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "sinec ins",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.8"
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "19.4"
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.4"
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.2"
},
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.0"
},
{
"model": "junos",
"scope": "lt",
"trust": 1.0,
"vendor": "juniper",
"version": "19.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "22.1"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.18.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "19.3"
},
{
"model": "sinec ins",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "h300e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "22.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.3"
},
{
"model": "bind",
"scope": "lt",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.37"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "20.2"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.4"
},
{
"model": "bind",
"scope": "lt",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.27"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.4"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "21.1"
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "bind",
"scope": null,
"trust": 0.8,
"vendor": "isc",
"version": null
},
{
"model": "esmpro/serveragent",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.6
},
"cve": "CVE-2021-25220",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-25220",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.3,
"id": "CVE-2021-25220",
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2022-001797",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-25220",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2021-25220",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-25220",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-1514",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-25220",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIND 9.11.0 -\u003e 9.11.36 9.12.0 -\u003e 9.16.26 9.17.0 -\u003e 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -\u003e 9.11.36-S1 9.16.8-S1 -\u003e 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. (CVE-2021-25220)\nBy flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver\u0027s performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795)\nBy spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38177)\nBy spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. (CVE-2022-38178). 9) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress. The dhcp packages provide a relay agent and ISC DHCP service\nrequired to enable and administer DHCP on a network. 
\n\nThe following advisory data is extracted from:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: bind security update\nAdvisory ID: RHSA-2022:7790-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:7790\nIssue date: 2022-11-08\nCVE Names: CVE-2021-25220\n====================================================================\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. 
\n\nSecurity Fix(es):\n\n* bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\naarch64:\nbind-9.11.36-5.el8.aarch64.rpm\nbind-chroot-9.11.36-5.el8.aarch64.rpm\nbind-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-debugsource-9.11.36-5.el8.aarch64.rpm\nbind-devel-9.11.36-5.el8.aarch64.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-libs-9.11.36-5.el8.aarch64.rpm\nbind-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-libs-lite-9.11.36-5.el8.aarch64.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-lite-devel-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-devel-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-libs-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-utils-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-sdb-9.11.36-5.el8.aarch64.rpm\nbind-sdb-chroot-9.11.36-5.el8.aarch64.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-utils-9.11.36-5.el8.aarch64.rpm\nbind-utils-debuginfo-9.11.36-5.el8.aarch64.rpm\n\nnoarch:\nbind-license-9.11.36-5.el8.noarch.rpm\npython3-
bind-9.11.36-5.el8.noarch.rpm\n\nppc64le:\nbind-9.11.36-5.el8.ppc64le.rpm\nbind-chroot-9.11.36-5.el8.ppc64le.rpm\nbind-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-debugsource-9.11.36-5.el8.ppc64le.rpm\nbind-devel-9.11.36-5.el8.ppc64le.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-libs-9.11.36-5.el8.ppc64le.rpm\nbind-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-libs-lite-9.11.36-5.el8.ppc64le.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-lite-devel-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-devel-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-libs-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-utils-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-sdb-9.11.36-5.el8.ppc64le.rpm\nbind-sdb-chroot-9.11.36-5.el8.ppc64le.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-utils-9.11.36-5.el8.ppc64le.rpm\nbind-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm\n\ns390x:\nbind-9.11.36-5.el8.s390x.rpm\nbind-chroot-9.11.36-5.el8.s390x.rpm\nbind-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-debugsource-9.11.36-5.el8.s390x.rpm\nbind-devel-9.11.36-5.el8.s390x.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-libs-9.11.36-5.el8.s390x.rpm\nbind-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-libs-lite-9.11.36-5.el8.s390x.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-lite-devel-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-devel-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-libs-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-utils-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-sdb-9.11.36-5.el8.s390x.rpm\nbind-sdb-chroot-9.11.36-5.el8.s390x.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-utils-9.11.36-5.el8.s390x.rpm\nbind-utils-debu
ginfo-9.11.36-5.el8.s390x.rpm\n\nx86_64:\nbind-9.11.36-5.el8.x86_64.rpm\nbind-chroot-9.11.36-5.el8.x86_64.rpm\nbind-debuginfo-9.11.36-5.el8.i686.rpm\nbind-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-debugsource-9.11.36-5.el8.i686.rpm\nbind-debugsource-9.11.36-5.el8.x86_64.rpm\nbind-devel-9.11.36-5.el8.i686.rpm\nbind-devel-9.11.36-5.el8.x86_64.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-libs-9.11.36-5.el8.i686.rpm\nbind-libs-9.11.36-5.el8.x86_64.rpm\nbind-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-libs-lite-9.11.36-5.el8.i686.rpm\nbind-libs-lite-9.11.36-5.el8.x86_64.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.i686.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-lite-devel-9.11.36-5.el8.i686.rpm\nbind-lite-devel-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-devel-9.11.36-5.el8.i686.rpm\nbind-pkcs11-devel-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-libs-9.11.36-5.el8.i686.rpm\nbind-pkcs11-libs-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-utils-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-sdb-9.11.36-5.el8.x86_64.rpm\nbind-sdb-chroot-9.11.36-5.el8.x86_64.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.i686.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-utils-9.11.36-5.el8.x86_64.rpm\nbind-utils-debuginfo-9.11.36-5.el8.i686.rpm\nbind-utils-debuginfo-9.11.36-5.el8.x86_64.rpm\n\nRed Hat Enterprise Linux BaseOS (v. 
8):\n\nSource:\nbind-9.11.36-5.el8.src.rpm\n\naarch64:\nbind-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-debugsource-9.11.36-5.el8.aarch64.rpm\nbind-export-devel-9.11.36-5.el8.aarch64.rpm\nbind-export-libs-9.11.36-5.el8.aarch64.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.aarch64.rpm\nbind-utils-debuginfo-9.11.36-5.el8.aarch64.rpm\n\nppc64le:\nbind-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-debugsource-9.11.36-5.el8.ppc64le.rpm\nbind-export-devel-9.11.36-5.el8.ppc64le.rpm\nbind-export-libs-9.11.36-5.el8.ppc64le.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.ppc64le.rpm\nbind-utils-debuginfo-9.11.36-5.el8.ppc64le.rpm\n\ns390x:\nbind-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-debugsource-9.11.36-5.el8.s390x.rpm\nbind-export-devel-9.11.36-5.el8.s390x.rpm\nbind-export-libs-9.11.36-5.el8.s390x.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.s390x.rpm\nbind-utils-debuginfo-9.11.36-5.el8.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.11.36-5.el8.i686.rpm\nbind-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-debugsource-9.11.36-5.el8.i686.rpm\nbind-debugsource-9.11.36-5.el8.x86_64.rpm\nbind-export-devel-9.11.36-5.el8
.i686.rpm\nbind-export-devel-9.11.36-5.el8.x86_64.rpm\nbind-export-libs-9.11.36-5.el8.i686.rpm\nbind-export-libs-9.11.36-5.el8.x86_64.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-export-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.i686.rpm\nbind-libs-lite-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-libs-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.i686.rpm\nbind-pkcs11-utils-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.i686.rpm\nbind-sdb-debuginfo-9.11.36-5.el8.x86_64.rpm\nbind-utils-debuginfo-9.11.36-5.el8.i686.rpm\nbind-utils-debuginfo-9.11.36-5.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-25220\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. 
\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202210-25\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: ISC BIND: Multiple Vulnerabilities\n Date: October 31, 2022\n Bugs: #820563, #835439, #872206\n ID: 202210-25\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ISC BIND, the worst of\nwhich could result in denial of service. 
\n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.16.33 \u003e= 9.16.33\n 2 net-dns/bind-tools \u003c 9.16.33 \u003e= 9.16.33\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ISC BIND. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ISC BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.16.33\"\n\nAll ISC BIND-tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-tools-9.16.33\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-25219\n https://nvd.nist.gov/vuln/detail/CVE-2021-25219\n[ 2 ] CVE-2021-25220\n https://nvd.nist.gov/vuln/detail/CVE-2021-25220\n[ 3 ] CVE-2022-0396\n https://nvd.nist.gov/vuln/detail/CVE-2022-0396\n[ 4 ] CVE-2022-2795\n https://nvd.nist.gov/vuln/detail/CVE-2022-2795\n[ 5 ] CVE-2022-2881\n https://nvd.nist.gov/vuln/detail/CVE-2022-2881\n[ 6 ] CVE-2022-2906\n https://nvd.nist.gov/vuln/detail/CVE-2022-2906\n[ 7 ] CVE-2022-3080\n https://nvd.nist.gov/vuln/detail/CVE-2022-3080\n[ 8 ] CVE-2022-38177\n https://nvd.nist.gov/vuln/detail/CVE-2022-38177\n[ 9 ] CVE-2022-38178\n https://nvd.nist.gov/vuln/detail/CVE-2022-38178\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202210-25\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. 
Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. ==========================================================================\nUbuntu Security Notice USN-5332-1\nMarch 17, 2022\n\nbind9 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Bind. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nXiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind\nincorrectly handled certain bogus NS records when using forwarders. A\nremote attacker could possibly use this issue to manipulate cache results. \n(CVE-2021-25220)\n\nIt was discovered that Bind incorrectly handled certain crafted TCP\nstreams. A remote attacker could possibly use this issue to cause Bind to\nconsume resources, leading to a denial of service. This issue only affected\nUbuntu 21.10. (CVE-2022-0396)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n bind9 1:9.16.15-1ubuntu1.2\n\nUbuntu 20.04 LTS:\n bind9 1:9.16.1-0ubuntu2.10\n\nUbuntu 18.04 LTS:\n bind9 1:9.11.3+dfsg-1ubuntu1.17\n\nIn general, a standard system update will make all the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "PACKETSTORM",
"id": "169894"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-25220",
"trust": 4.1
},
{
"db": "SIEMENS",
"id": "SSA-637483",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-258-05",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU99475301",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98927070",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92488108",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-105-08",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169894",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169846",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169773",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169587",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166356",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.1150",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5750",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4616",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1223",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1289",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2694",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1183",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1160",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032124",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031701",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031728",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "170724",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-25220",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178475",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169745",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166354",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "PACKETSTORM",
"id": "169894"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"id": "VAR-202203-0664",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.20766129
},
"last_update_date": "2025-12-22T22:20:05.920000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NV22-009",
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/API7U5E7SX7BAAVFNW366FFJGD6NZZKV/"
},
{
"title": "Ubuntu Security Notice: USN-5332-2: Bind vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5332-2"
},
{
"title": "Red Hat: Moderate: dhcp security and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228385 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227790 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: USN-5332-1: Bind vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5332-1"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228068 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20230402 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-5105-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=16d84b908a424f50b3236db9219500e3"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-25220"
},
{
"title": "Amazon Linux 2: ALAS2-2023-2001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2023-2001"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-166",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-166"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-138",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-138"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2021-25220 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.0
},
{
"problemtype": "HTTP Request Smuggling (CWE-444) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://kb.isc.org/v1/docs/cve-2021-25220"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202210-25"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20220408-0001/"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25220"
},
{
"trust": 1.6,
"url": "https://supportportal.juniper.net/s/article/2022-10-security-bulletin-junos-os-srx-series-cache-poisoning-vulnerability-in-bind-used-by-dns-proxy-cve-2021-25220?language=en_us"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2021-25220"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2sxt7247qtknbq67mnrgzd23adxu6e5u/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5vx3i2u3icoiei5y7oya6cholfmnh3yq/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/api7u5e7sx7baavfnw366ffjgd6nzzkv/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/de3uavcpumakg27zl5yxsp2c3riow3jz/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98927070/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99475301/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92488108/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nyd7us4hzrfugaj66zthfbyvp5n3oqby/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/api7u5e7sx7baavfnw366ffjgd6nzzkv/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5vx3i2u3icoiei5y7oya6cholfmnh3yq/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2sxt7247qtknbq67mnrgzd23adxu6e5u/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/de3uavcpumakg27zl5yxsp2c3riow3jz/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169846/red-hat-security-advisory-2022-8385-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1223"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1289"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/isc-bind-spoofing-via-dns-forwarders-cache-poisoning-37754"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4616"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169894/red-hat-security-advisory-2022-8068-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031728"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166356/ubuntu-security-notice-usn-5332-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1150"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1183"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1160"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169773/red-hat-security-advisory-2022-7643-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/170724/red-hat-security-advisory-2023-0402-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169587/gentoo-linux-security-advisory-202210-25.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-25220/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-258-05"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5750"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031701"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2694"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032124"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0396"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5332-2"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0396"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5332-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2021-25220"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/al2/alas-2023-2001.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8385"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2024:2720"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128584"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263896"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064512"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164032"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2720.json"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7790"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2906"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2881"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-3080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-38177"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.15-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.17"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "PACKETSTORM",
"id": "169894"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"db": "PACKETSTORM",
"id": "169894"
},
{
"db": "PACKETSTORM",
"id": "169846"
},
{
"db": "PACKETSTORM",
"id": "178475"
},
{
"db": "PACKETSTORM",
"id": "169745"
},
{
"db": "PACKETSTORM",
"id": "169773"
},
{
"db": "PACKETSTORM",
"id": "169587"
},
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"date": "2022-11-16T16:09:16",
"db": "PACKETSTORM",
"id": "169894"
},
{
"date": "2022-11-15T16:40:52",
"db": "PACKETSTORM",
"id": "169846"
},
{
"date": "2024-05-09T15:16:06",
"db": "PACKETSTORM",
"id": "178475"
},
{
"date": "2022-11-08T13:44:36",
"db": "PACKETSTORM",
"id": "169745"
},
{
"date": "2022-11-08T13:49:24",
"db": "PACKETSTORM",
"id": "169773"
},
{
"date": "2022-10-31T14:50:53",
"db": "PACKETSTORM",
"id": "169587"
},
{
"date": "2022-03-17T15:54:34",
"db": "PACKETSTORM",
"id": "166356"
},
{
"date": "2022-03-17T15:54:20",
"db": "PACKETSTORM",
"id": "166354"
},
{
"date": "2022-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"date": "2022-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"date": "2022-03-23T13:15:07.680000",
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25220"
},
{
"date": "2023-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1514"
},
{
"date": "2025-04-17T07:53:00",
"db": "JVNDB",
"id": "JVNDB-2022-001797"
},
{
"date": "2023-11-09T14:44:33.733000",
"db": "NVD",
"id": "CVE-2021-25220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "166356"
},
{
"db": "PACKETSTORM",
"id": "166354"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BIND\u00a0 Cache Pollution with Incorrect Records Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001797"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1514"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.