CVE-2022-27227
Summary
| CVE | CVE-2022-27227 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-25 15:15:00 UTC |
| Updated | 2023-11-07 03:45:00 UTC |
| Description | In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fedoraproject | Fedora | 34 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Operating System | Fedoraproject | Fedora | 36 | All | All | All |
| Application | Powerdns | Authoritative Server | All | All | All | All |
| Application | Powerdns | Recursor | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 35 Update: pdns-4.6.2-1.fc35 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 34 Update: pdns-4.6.2-1.fc34 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 36 Update: pdns-recursor-4.6.2-1.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 36 Update: pdns-4.6.2-1.fc36 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor — PowerDNS Authoritative Server documentation | CONFIRM | doc.powerdns.com | |
| [SECURITY] Fedora 36 Update: pdns-4.6.2-1.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 35 Update: pdns-4.6.2-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| Security Advisories — PowerDNS Authoritative Server documentation | MISC | doc.powerdns.com | |
| [SECURITY] Fedora 34 Update: pdns-4.6.2-1.fc34 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| oss-security - Security Advisory 2022-01 for PowerDNS Authoritative Server 4.4.2, 4.5.3, 4.6.0 and PowerDNS Recursor 4.4.7, 4.5.7, 4.6.0 | MLIST | www.openwall.com | |
| PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor — PowerDNS Recursor documentation | CONFIRM | docs.powerdns.com | |
| Security Advisories — PowerDNS Recursor documentation | MISC | docs.powerdns.com | |
| [SECURITY] Fedora 36 Update: pdns-recursor-4.6.2-1.fc36 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 183352 Debian Security Update for pdns-recursorpdns (CVE-2022-27227)
- 282597 Fedora Security Update for pdns (FEDORA-2022-8367cefdea)
- 282598 Fedora Security Update for pdns (FEDORA-2022-6e19acf414)
- 502149 Alpine Linux Security Update for pdns-recursor
- 502151 Alpine Linux Security Update for pdns
- 502327 Alpine Linux Security Update for pdns-recursor
- 502328 Alpine Linux Security Update for pdns
- 690830 Free Berkeley Software Distribution (FreeBSD) Security Update for powerdns-recursor (cb84b940-add5-11ec-9bc8-6805ca2fa271)
- 690831 Free Berkeley Software Distribution (FreeBSD) Security Update for powerdns (2cda5c88-add4-11ec-9bc8-6805ca2fa271)