what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-3204

Status Candidate

Overview

A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies on those unresponsive nameservers. The attack can cause a resolver to spend a lot of time/resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside. It can trigger high CPU usage in some resolver implementations that continually look in the cache for resolved NS records in that delegation. This can lead to degraded performance and eventually denial of service in orchestrated attacks. Unbound does not suffer from high CPU usage, but resources are still needed for resolving the malicious delegation. Unbound will keep trying to resolve the record until hard limits are reached. Based on the nature of the attack and the replies, different limits could be reached. From version 1.16.3 on, Unbound introduces fixes for better performance when under load, by cutting opportunistic queries for nameserver discovery and DNSKEY prefetching and limiting the number of times a delegation point can issue a cache lookup for missing records.

Related Files

Red Hat Security Advisory 2024-2045-03
Posted Apr 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2045-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3204
SHA-256 | 09d11845e70e0f108be03bd19fd2ac13757922de954df0a2ffbe3ab18e893b23
Download | Favorite | View
Red Hat Security Advisory 2023-3644-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3644-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4235, CVE-2022-1705, CVE-2022-27664, CVE-2022-2795, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-3172, CVE-2022-3204, CVE-2022-32148, CVE-2022-32189, CVE-2022-32190
SHA-256 | d08e0901464777bd733a3a8059ea4b335dfa9bfe8b9bacda0a47df5480ff08a7
Download | Favorite | View
Red Hat Security Advisory 2023-3356-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3356-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-26341, CVE-2021-33655, CVE-2021-33656, CVE-2022-1462, CVE-2022-1679, CVE-2022-1789, CVE-2022-20141, CVE-2022-2196, CVE-2022-25265, CVE-2022-2663, CVE-2022-2795, CVE-2022-3028, CVE-2022-30594, CVE-2022-3204
SHA-256 | 27162c7cc1e92dcc5d23d2448871d026da2046e4fa22b54bb29cc7cea099108c
Download | Favorite | View
Red Hat Security Advisory 2023-2771-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2771-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3204
SHA-256 | 07ee66e6a1ef1500e2da6d2433b6fc0d689987b652a25cc7a612e57f1c40b15d
Download | Favorite | View
Red Hat Security Advisory 2023-2370-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2370-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-3204
SHA-256 | aaaa571e1e499719f20a34ab9fc9ca6db9dfe0d4d513c6c85789aa933af5b97b
Download | Favorite | View
Gentoo Linux Security Advisory 202212-02
Posted Dec 19, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202212-2 - Multiple vulnerabilities have been discovered in Unbound, the worst of which could result in denial of service. Versions less than 1.16.3 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2022-30698, CVE-2022-30699, CVE-2022-3204
SHA-256 | bc25bbca2e03be12cd98eded3c6829b21c6e5ce8d93a049f4a2f4372c26d4986
Download | Favorite | View
Ubuntu Security Notice USN-5732-1
Posted Nov 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5732-1 - It was discovered that Unbound incorrectly handled delegations with a large number of non-responsive nameservers. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3204
SHA-256 | d5a84972ef23fdec7088587f3b3731521f203ef1328c2d358dc3fd732874a924
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    5 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close