Vulnerability Details CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.7%
CVSS Severity
CVSS v3 Score 7.5
References
- https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1343#note_262558
- https://lists.debian.org/debian-lts-announce/2022/10/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG/
- https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1343#note_262558
- https://lists.debian.org/debian-lts-announce/2022/10/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG/
Products affected by CVE-2022-40188
-
cpe:2.3:a:nic:knot_resolver:-
-
cpe:2.3:a:nic:knot_resolver:1.0.0
-
cpe:2.3:a:nic:knot_resolver:1.1.0
-
cpe:2.3:a:nic:knot_resolver:1.1.1
-
cpe:2.3:a:nic:knot_resolver:1.2.0
-
cpe:2.3:a:nic:knot_resolver:1.2.1
-
cpe:2.3:a:nic:knot_resolver:1.2.2
-
cpe:2.3:a:nic:knot_resolver:1.2.3
-
cpe:2.3:a:nic:knot_resolver:1.2.4
-
cpe:2.3:a:nic:knot_resolver:1.2.5
-
cpe:2.3:a:nic:knot_resolver:1.2.6
-
cpe:2.3:a:nic:knot_resolver:1.3.0
-
cpe:2.3:a:nic:knot_resolver:1.3.1
-
cpe:2.3:a:nic:knot_resolver:1.3.2
-
cpe:2.3:a:nic:knot_resolver:1.3.3
-
cpe:2.3:a:nic:knot_resolver:1.4.0
-
cpe:2.3:a:nic:knot_resolver:1.5.0
-
cpe:2.3:a:nic:knot_resolver:1.5.1
-
cpe:2.3:a:nic:knot_resolver:1.5.2
-
cpe:2.3:a:nic:knot_resolver:1.5.3
-
cpe:2.3:a:nic:knot_resolver:1.99.1
-
cpe:2.3:a:nic:knot_resolver:2.0.0
-
cpe:2.3:a:nic:knot_resolver:2.1.0
-
cpe:2.3:a:nic:knot_resolver:2.1.1
-
cpe:2.3:a:nic:knot_resolver:2.2.0
-
cpe:2.3:a:nic:knot_resolver:2.3.0
-
cpe:2.3:a:nic:knot_resolver:2.4.0
-
cpe:2.3:a:nic:knot_resolver:2.4.1
-
cpe:2.3:a:nic:knot_resolver:3.0.0
-
cpe:2.3:a:nic:knot_resolver:3.1.0
-
cpe:2.3:a:nic:knot_resolver:3.2.0
-
cpe:2.3:a:nic:knot_resolver:3.2.1
-
cpe:2.3:a:nic:knot_resolver:4.0.0
-
cpe:2.3:a:nic:knot_resolver:4.1.0
-
cpe:2.3:a:nic:knot_resolver:4.2.0
-
cpe:2.3:a:nic:knot_resolver:4.2.1
-
cpe:2.3:a:nic:knot_resolver:4.2.2
-
cpe:2.3:a:nic:knot_resolver:4.3.0
-
cpe:2.3:a:nic:knot_resolver:5.0.0
-
cpe:2.3:a:nic:knot_resolver:5.0.1
-
cpe:2.3:a:nic:knot_resolver:5.1.1
-
cpe:2.3:a:nic:knot_resolver:5.5.1
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:fedoraproject:fedora:35
-
cpe:2.3:o:fedoraproject:fedora:36
-
cpe:2.3:o:fedoraproject:fedora:37