what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2022-38178

Status Candidate

Overview

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Related Files

Red Hat Security Advisory 2022-8609-01
Posted Nov 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-45485, CVE-2021-45486, CVE-2022-1996, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-2588, CVE-2022-3515, CVE-2022-38177, CVE-2022-38178, CVE-2022-40674, CVE-2022-41974
SHA-256 | 092c3af8cb2fa6d019d0f9746a7c7698aa832e8eb4f69aef485c4e5a55611aad
Red Hat Security Advisory 2022-8598-01
Posted Nov 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8598-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include bypass, code execution, integer overflow, memory leak, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, memory leak
systems | linux, redhat
advisories | CVE-2022-3515, CVE-2022-38177, CVE-2022-38178, CVE-2022-40674, CVE-2022-41974
SHA-256 | 87a90dba5877135f592e7fac3e437f62fc8129797e43ffcbcdc48798f34760eb
Gentoo Linux Security Advisory 202210-25
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-25 - Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service. Versions less than 9.16.33 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-25219, CVE-2021-25220, CVE-2022-0396, CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | c5645f086ca62dbd16b86b41fb6e466ae81c4f68c8c5264e8e226c1c0248707b
Red Hat Security Advisory 2022-6905-01
Posted Oct 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6905-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.50. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-26945, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323, CVE-2022-38177, CVE-2022-38178, CVE-2022-40674
SHA-256 | d445a81a4efdc52988749989d6a49433d48657553db0b5fda73d161d6fae6246
Red Hat Security Advisory 2022-6780-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6780-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 7317da340d674c2d8ce692b5b36244ed740f2c4167017da30464bb42c6caf71f
Red Hat Security Advisory 2022-6779-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6779-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 705f768a61d4f507cee20f3b3f7b33cc30f2db1fc918abd572a54071fc080846
Red Hat Security Advisory 2022-6778-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6778-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 781202c28e5a3d8289433d15b4535b9c6ca36818f40069d8c5b9f982d754b0ed
Red Hat Security Advisory 2022-6781-01
Posted Oct 5, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6781-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 4a082bb009ab8361bc3b0cc6e4d366ace8d79f220e2ab35018a9886dc46c6a63
Red Hat Security Advisory 2022-6763-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 90a7db70273f1bcf3f0dddfd37788d5e9c87a1b7559b29fdcbb1e860a02410b1
Red Hat Security Advisory 2022-6764-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6764-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | 98299df0e775091d0cd425d53583bd53c962a02b6a59be2d5445c8a7d756d4e6
Red Hat Security Advisory 2022-6765-01
Posted Oct 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6765-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.

tags | advisory, protocol, memory leak
systems | linux, redhat
advisories | CVE-2022-38177, CVE-2022-38178
SHA-256 | c4fc34a4dbce658a7d6f43a15de99e7c144eb84230b265c294a7594060f9a520
Debian Security Advisory 5235-1
Posted Sep 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5235-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2022-2795, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 9fd2bd0b8d48add568238f3194fca9fcb514629ef89a06fc88c357586fed0e7d
Ubuntu Security Notice USN-5626-1
Posted Sep 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5626-1 - Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178
SHA-256 | 34b2988765657bb9a18a6b8e41a326b6235943782ca9236238e2273ea984abd6
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close