{"id":"CVE-2022-2795","details":"By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.","modified":"2026-04-16T00:01:30.727035681Z","published":"2022-09-21T11:15:09.470Z","related":["ALSA-2023:2261","ALSA-2023:2792","ALSA-2023:3002","CGA-8m92-7v67-v4qr","SUSE-SU-2022:3499-1","SUSE-SU-2022:3500-1","SUSE-SU-2022:3682-1","SUSE-SU-2022:3729-1","SUSE-SU-2022:3767-1","openSUSE-SU-2024:12356-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"type":"ADVISORY","url":"https://kb.isc.org/docs/cve-2022-2795"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-25"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5235"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20241129-0002/"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"type":"FIX","url":"https://kb.isc.org/docs/cve-2022-2795"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"19d6c56085e97cf4ac559cdc27edd624127bcb32"},{"fixed":"35e9c6e31dd742f501624a31c3326db1c7b460fe"},{"introduced":"8db45afa1affcb823e68afdeddedf93e136f5d3e"},{"fixed":"85a6eb108e884467c4b3af414140d6b033a89a62"},{"introduced":"cab15392afd841fe3b0bacd894003376d857459a"},{"fixed":"5b2fed25f4f7d2c08b38c4d94193715cdbb2e038"}]}],"versions":["v9.18.0","v9.18.2","v9.18.3","v9.18.4","v9.18.5","v9.18.6","v9.19.0","v9.19.1","v9.19.2","v9.19.3","v9.19.4"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2795.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}