CVE-2022-2881
Summary
| CVE | CVE-2022-2881 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-09-21 11:15:00 UTC |
| Updated | 2022-11-16 20:12:00 UTC |
| Description | The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178) | MLIST | www.openwall.com | |
| CVE-2022-2881: Buffer overread in statistics channel code | CONFIRM | kb.isc.org | |
| ISC BIND: Multiple Vulnerabilities (GLSA 202210-25) — Gentoo security | GENTOO | security.gentoo.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 15139 ISC BIND Buffer Overflow Vulnerability (CVE-2022-2906, CVE-2022-2881)
- 183327 Debian Security Update for bind9 (CVE-2022-2881)
- 198945 Ubuntu Security Notification for Bind Vulnerabilities (USN-5626-1)
- 296084 Oracle Solaris 11.4 Support Repository Update (SRU) 50.126.3 Missing (CPUOCT2022)
- 502507 Alpine Linux Security Update for bind
- 502711 Alpine Linux Security Update for bind
- 710661 Gentoo Linux ISC BIND Multiple Vulnerabilities (GLSA 202210-25)