CVE
CVE-2022-38178
| CVE ID |
CVE-2022-38178
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions |
CentOS 8
|
| Patched Versions |
9.11.26-6_ol001.el8
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
NVD Listing: https://git.centos.org/rpms/bind/blob/c8/f/SOURCES/bind-9.16-CVE-2022-38178.patch
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.