[go: up one dir, main page]
Bug 1207475 (CVE-2022-3924) - VUL-0: CVE-2022-3924: bind: named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
Summary: VUL-0: CVE-2022-3924: bind: named configured to answer from stale cache may t...
Status: RESOLVED FIXED
Alias: CVE-2022-3924
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Jorik Cronenberg
QA Contact: Security Team bot
URL:
Whiteboard: CVSSv3.1:SUSE:CVE-2022-3924:7.5:(AV:N...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-01-24 12:55 UTC by Thomas Leroy
Modified: 2023-02-10 14:24 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 3 Thomas Leroy 2023-01-24 15:23:48 UTC 
stale-answer-client-timeout only exist in the following codestreams, that are therefore affected:
- SUSE:SLE-15-SP4:Update
- openSUSE:Factory
Comment 6 OBSbugzilla Bot 2023-01-25 17:15:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1207475) was mentioned in
https://build.opensuse.org/request/show/1060984 Factory / bind
Comment 7 Jorik Cronenberg 2023-01-26 10:34:56 UTC 
Updates submitted
Comment 9 Jorik Cronenberg 2023-02-09 17:16:38 UTC 
All affected codestreams have been patched.
Comment 10 Swamp Workflow Management 2023-02-10 14:24:50 UTC 
SUSE-SU-2023:0341-1: An update that fixes three vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1207471,1207473,1207475
CVE References: CVE-2022-3094,CVE-2022-3736,CVE-2022-3924
JIRA References: SLE-24600
Sources used:
openSUSE Leap 15.4 (src):    bind-9.16.37-150400.5.17.1
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src):    bind-9.16.37-150400.5.17.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    bind-9.16.37-150400.5.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.