CVE-2022-0396
Description
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.105
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2021-25220,CVE-2022-0396,CVE-2022-0635,CVE-2022-0667 are affected in BIND 9.18.0 | Windows |
| Vulnerabilities CVE-2021-25220,CVE-2022-0396 are affected in BIND 9.16.26 | Windows |
| Vulnerabilities CVE-2021-25220,CVE-2022-0396,CVE-2022-0635,CVE-2022-0667 are affected in BIND 9.18.0 | Windows |
| bind9 security update(DSA-5105-1) bind9_9.16.27-1~deb11u1_amd64.deb | Linux |
| bind9 security update(DSA-5105-1) bind9_9.11.5.P4+dfsg-5.1+deb10u7_i386.deb | Linux |
| bind9 security update(DSA-5105-1) bind9_9.11.5.P4+dfsg-5.1+deb10u7_amd64.deb | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-chroot-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-debugsource-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-libs-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm | Linux |
| (RHSA-2022:7643) bind9.16 security update bind9.16-utils-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-chroot-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-debugsource-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-dnssec-doc-9.16.23-5.el9_1.noarch.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-dnssec-utils-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-libs-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-license-9.16.23-5.el9_1.noarch.rpm | Linux |
| (RHSA-2022:8068) bind security update bind-utils-9.16.23-5.el9_1.x86_64.rpm | Linux |
| (RHSA-2022:8068) bind security update python3-bind-9.16.23-5.el9_1.noarch.rpm | Linux |
| bind9.16 security update (RLSA-2022:7643) bind9.16-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| bind9.16 security update (RLSA-2022:7643) bind9.16-libs-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| bind9.16 security update (RLSA-2022:7643) bind9.16-utils-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| bind9.16 security update (RLSA-2022:7643) bind9.16-chroot-9.16.23-0.9.el8.1.x86_64.rpm | Linux |
| bind9.16 security update (RLSA-2022:7643) bind9.16-license-9.16.23-0.9.el8.1.noarch.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-9.16.23-5.el9_1.x86_64.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-libs-9.16.23-5.el9_1.x86_64.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-utils-9.16.23-5.el9_1.x86_64.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-chroot-9.16.23-5.el9_1.x86_64.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-license-9.16.23-5.el9_1.noarch.rpm | Linux |
| bind security update (RLSA-2022:8068) python3-bind-9.16.23-5.el9_1.noarch.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-dnssec-doc-9.16.23-5.el9_1.noarch.rpm | Linux |
| bind security update (RLSA-2022:8068) bind-dnssec-utils-9.16.23-5.el9_1.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) python3-bind-9.16.27-1.amzn2023.0.2.noarch.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-chroot-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-devel-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dlz-filesystem-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dlz-ldap-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dlz-mysql-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dlz-sqlite3-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dnssec-doc-9.16.27-1.amzn2023.0.2.noarch.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-dnssec-utils-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-doc-9.16.27-1.amzn2023.0.2.noarch.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-libs-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-license-9.16.27-1.amzn2023.0.2.noarch.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-pkcs11-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-pkcs11-devel-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-pkcs11-libs-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-pkcs11-utils-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| bind Security Update (ALAS2023-2023-010) bind-utils-9.16.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| Improper Resource Shutdown or Release Vulnerability (CVE-2022-0396) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234