What is CVE-2022-3488?

CVE-2022-3488 is a vulnerability that affects BIND, a DNS software, which can cause the software to exit with an assertion failure under specific conditions.

What is the severity of CVE-2022-3488?

CVE-2022-3488 has a severity value of 7.5, which is considered high.

Which software is affected by CVE-2022-3488?

CVE-2022-3488 affects ISC BIND versions 9.11.4, 9.11.37, 9.16.8, and 9.16.36, specifically those with the 'supported_preview' designation.

Is there a fix for CVE-2022-3488?

Yes, ISC has released patches and workarounds to address the vulnerability. It is recommended to update to the latest version of BIND and apply the necessary fixes.

Vulnerability/
CVE-2022-3488

high

7.5

CWE

617

25/1/2023

3/8/2024

CVE-2022-3488: named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries

First published: Wed Jan 25 2023(Updated: )

Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name. This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1.

Credit: security-officer@isc.org

Affected Software	Affected Version	How to fix
ISC BIND	=9.11.4-s1
ISC BIND	=9.11.37-s1
ISC BIND	=9.16.8-s1
ISC BIND	=9.16.36-s1

Remedy

Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.37-S1.

Never miss a vulnerability like this again

Reference Links

https://kb.isc.org/docs/cve-2022-3488

Frequently Asked Questions

What is CVE-2022-3488?
CVE-2022-3488 is a vulnerability that affects BIND, a DNS software, which can cause the software to exit with an assertion failure under specific conditions.
What is the severity of CVE-2022-3488?
CVE-2022-3488 has a severity value of 7.5, which is considered high.
Which software is affected by CVE-2022-3488?
CVE-2022-3488 affects ISC BIND versions 9.11.4, 9.11.37, 9.16.8, and 9.16.36, specifically those with the 'supported_preview' designation.
How does CVE-2022-3488 affect BIND?
CVE-2022-3488 can cause BIND to exit with an assertion failure when processing repeated responses to the same query where both responses contain ECS pseudo-options, but where the first response is broken in some way.
Is there a fix for CVE-2022-3488?
Yes, ISC has released patches and workarounds to address the vulnerability. It is recommended to update to the latest version of BIND and apply the necessary fixes.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/remedy
agent/title
agent/severity
agent/author
agent/weakness
agent/last-modified-date
agent/tags
agent/event
agent/first-publish-date
agent/description
vendor/isc
canonical/isc bind
version/isc bind/9.11.4-s1
version/isc bind/9.11.37-s1
version/isc bind/9.16.8-s1
version/isc bind/9.16.36-s1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.