By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVSS Score
5.3
EPSS Score
0.004
Published
2022-09-21
The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
CVSS Score
5.5
EPSS Score
0.006
Published
2022-09-21
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-09-21
By sending specific queries to the resolver, an attacker can cause named to crash.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-21
Page 2