{"containers":{"cna":{"affected":[{"product":"BIND","vendor":"ISC","versions":[{"status":"affected","version":"Open Source Branch 9.18 9.18.0"}]}],"credits":[{"lang":"en","value":"ISC would like to thank Vincent Levigneron of AFNIC for reporting this issue to us and for verifying the fix and workaround."}],"datePublic":"2022-03-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"We refactored the RFC 8198 Aggressive Use of DNSSEC-Validated Cache feature (synth-from-dnssec) for the new BIND 9.18.0 stable release, and changed the default so that it is now automatically enabled for dnssec-validating resolvers. Subsequently it was found that repeated patterns of specific queries to servers with this feature enabled could cause an INSIST failure in query.c:query_dname which causes named to terminate unexpectedly. The vulnerability affects BIND resolvers running 9.18.0 that have both dnssec-validation and synth-from-dnssec enabled. 
(Note that dnssec-validation auto; is the default setting unless configured otherwise in named.conf and that enabling dnssec-validation automatically enables synth-from-dnssec unless explicitly disabled) Versions affected: BIND 9.18.0","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-04-08T22:06:11.000Z","orgId":"404fd4d2-a609-4245-b543-2c944a302a22","shortName":"isc"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://kb.isc.org/v1/docs/cve-2022-0635"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20220408-0001/"}],"solutions":[{"lang":"en","value":"Users of BIND 9.18.0 should upgrade to BIND 9.18.1"}],"source":{"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"The failure can be avoided by adding this option to named.conf:\nsynth-from-dnssec no;"}],"x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security-officer@isc.org","DATE_PUBLIC":"2022-03-16T11:00:00.000Z","ID":"CVE-2022-0635","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"BIND","version":{"version_data":[{"version_name":"Open Source Branch 9.18","version_value":"9.18.0"}]}}]},"vendor_name":"ISC"}]}},"credit":[{"lang":"eng","value":"ISC would like to thank Vincent Levigneron of AFNIC for reporting this issue to us and for verifying the fix and workaround."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check."}]},"generator":{"engine":"Vulnogram 
0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"We refactored the RFC 8198 Aggressive Use of DNSSEC-Validated Cache feature (synth-from-dnssec) for the new BIND 9.18.0 stable release, and changed the default so that it is now automatically enabled for dnssec-validating resolvers. Subsequently it was found that repeated patterns of specific queries to servers with this feature enabled could cause an INSIST failure in query.c:query_dname which causes named to terminate unexpectedly. The vulnerability affects BIND resolvers running 9.18.0 that have both dnssec-validation and synth-from-dnssec enabled. (Note that dnssec-validation auto; is the default setting unless configured otherwise in named.conf and that enabling dnssec-validation automatically enables synth-from-dnssec unless explicitly disabled) Versions affected: BIND 9.18.0"}]}]},"references":{"reference_data":[{"name":"https://kb.isc.org/v1/docs/cve-2022-0635","refsource":"CONFIRM","url":"https://kb.isc.org/v1/docs/cve-2022-0635"},{"name":"https://security.netapp.com/advisory/ntap-20220408-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20220408-0001/"}]},"solution":[{"lang":"en","value":"Users of BIND 9.18.0 should upgrade to BIND 9.18.1"}],"source":{"discovery":"EXTERNAL"},"work_around":[{"lang":"en","value":"The failure can be avoided by adding this option to named.conf:\nsynth-from-dnssec no;"}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T23:32:46.460Z"},"title":"CVE Program 
Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.isc.org/v1/docs/cve-2022-0635"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20220408-0001/"}]}]},"cveMetadata":{"assignerOrgId":"404fd4d2-a609-4245-b543-2c944a302a22","assignerShortName":"isc","cveId":"CVE-2022-0635","datePublished":"2022-03-23T11:55:10.058Z","dateReserved":"2022-02-16T00:00:00.000Z","dateUpdated":"2024-09-17T02:21:44.299Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}