Launchpad CVE tracker

CVE 2022-3736

BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

Related bugs and status

CVE-2022-3736 (Candidate) is related to these bugs:

Bug #1258003: DiG crashes on +nssearch with +tcp in bind9 9.18

		In	Importance	Status
1258003	DiG crashes on +nssearch with +tcp in bind9 9.18	bind9 (Ubuntu)	High	Fix Released
1258003	DiG crashes on +nssearch with +tcp in bind9 9.18	bind9 (Ubuntu Jammy)	High	Fix Released
1258003	DiG crashes on +nssearch with +tcp in bind9 9.18	bind9 (Ubuntu Kinetic)	Undecided	Fix Released

Bug #1970252: The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04

		In	Importance	Status
1970252	The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04	bind9 (Ubuntu)	High	Fix Released
1970252	The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04	bind9 (Ubuntu Jammy)	High	Fix Released
1970252	The `dig` and `host` commands core dump or give incomplete results in Ubuntu 22.04	bind9 (Ubuntu Kinetic)	High	Fix Released

Bug #2003584: Add better DEP-8 tests

		In	Importance	Status
2003584	Add better DEP-8 tests	bind9 (Ubuntu)	Undecided	Fix Released
2003584	Add better DEP-8 tests	bind9 (Ubuntu Kinetic)	Undecided	Fix Released
2003584	Add better DEP-8 tests	bind9 (Ubuntu Focal)	Undecided	New
2003584	Add better DEP-8 tests	bind9 (Ubuntu Jammy)	Undecided	Fix Released

Bug #2003586: MRE Updates 9.18.12 / 9.16.39

		In	Importance	Status
2003586	MRE Updates 9.18.12 / 9.16.39	bind9 (Ubuntu)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind9 (Ubuntu Kinetic)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind9 (Ubuntu Focal)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind9 (Ubuntu Jammy)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind-dyndb-ldap (Ubuntu)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind-dyndb-ldap (Ubuntu Jammy)	Undecided	Fix Released
2003586	MRE Updates 9.18.12 / 9.16.39	bind-dyndb-ldap (Ubuntu Kinetic)	Undecided	Fix Released

Bug #2006410: [Debian] CVE: CVE-2022-3094 / CVE-2022-3736 / CVE-2022-3924: bind: multiple CVEs

Summary				In	Importance	Status
	2006410	[Debian] CVE: CVE-2022-3094 / CVE-2022-3736 / CVE-2022-3924: bind: multiple CVEs		StarlingX	High	Fix Released

Bug #2006972: bind9 can't load preinstalled plugins

		In	Importance	Status
2006972	bind9 can't load preinstalled plugins	bind9 (Ubuntu)	Undecided	Fix Released
2006972	bind9 can't load preinstalled plugins	bind9 (Ubuntu Jammy)	Undecided	Fix Released
2006972	bind9 can't load preinstalled plugins	bind9 (Ubuntu Lunar)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://kb.isc.org/doc...

Launchpad.net

CVE 2022-3736

Related bugs and status

Related bugs

References