Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-3736

BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

Published

2023-01-26T21:15:57.940

Last Modified

2025-04-01T15:15:53.150

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	isc	bind	< 9.16.37	Yes
Application	isc	bind	< 9.18.11	Yes
Application	isc	bind	< 9.19.9	Yes
Application	isc	bind	9.16.11	Yes
Application	isc	bind	9.16.13	Yes
Application	isc	bind	9.16.14	Yes
Application	isc	bind	9.16.21	Yes
Application	isc	bind	9.16.32	Yes
Application	isc	bind	9.16.36	Yes

References

https://kb.isc.org/docs/cve-2022-3736 Vendor Advisory ([email protected])
https://kb.isc.org/docs/cve-2022-3736 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)