AZL-9119

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-9119.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-9119

Upstream

CVE-2022-0396

Published

2022-03-23T11:15:08Z

Modified

2026-04-01T05:23:38.699908Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

CVE-2022-0396 affecting package bind for versions less than 9.16.29-1

Details

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-0396

Affected packages

Azure Linux:2 / bind

Package

Name: bind
Purl: pkg:rpm/azure-linux/bind

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.16.29-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-9119.json"