CVE-2020-8622
- Source
- https://cve.org/CVERecord?id=CVE-2020-8622
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8622.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-8622
- Downstream
- Related
- Published
- 2020-08-21T21:15:12.247Z
- Modified
- 2026-04-11T12:35:10.781706Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "9.11.21-s1" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*" }, { "extracted_events": [ { "introduced": "8.0.0" }, { "last_affected": "8.5.0" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*" }, { "extracted_events": [ { "fixed": "2.2.2-5028" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:synology:dns_server:*:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "12.04" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "extracted_events": [ { "last_affected": "14.04" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "extracted_events": [ { "last_affected": "16.04" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "extracted_events": [ { "last_affected": "18.04" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "extracted_events": [ { "last_affected": "20.04" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*" }, { "extracted_events": [ { "last_affected": "10.0" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "31" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "32" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "15.1" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "15.2" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*" } ] }- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP/
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
- https://kb.isc.org/docs/cve-2020-8622
- https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html
- https://security.gentoo.org/glsa/202008-19
- https://security.netapp.com/advisory/ntap-20200827-0003/
- https://usn.ubuntu.com/4468-1/
- https://usn.ubuntu.com/4468-2/
- https://www.debian.org/security/2020/dsa-4752
- https://www.synology.com/security/advisory/Synology_SA_20_19
- https://www.oracle.com/security-alerts/cpuoct2021.html
Affected packages
Git / gitlab.isc.org/isc-projects/bind9
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.isc.org/isc-projects/bind9
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "9.0.0" }, { "last_affected": "9.11.21" }, { "introduced": "9.12.0" }, { "last_affected": "9.16.5" }, { "introduced": "9.17.0" }, { "last_affected": "9.17.3" }, { "introduced": "0" }, { "last_affected": "9.9.3-s1" }, { "last_affected": "9.0" } ], "source": "CPE_FIELD", "cpe": [ "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" ] }
Affected versions
v9.*
v9.0.0
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.11.0
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.11.0b1
v9.11.0b2
v9.11.0b3
v9.11.0rc1
v9.11.0rc2
v9.11.0rc3
v9.11.1
v9.11.11
v9.11.14
v9.11.16
v9.11.1b1
v9.11.1rc1
v9.11.1rc2
v9.11.1rc3
v9.11.21
v9.11.2b1
v9.11.2rc1
v9.11.3b1
v9.11.3rc1
v9.11.4
v9.11.4rc2
v9.11.6
v9.11.6rc1
v9.11.7
v9.11.9
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.13.0
v9.13.2
v9.13.3
v9.13.4
v9.13.5
v9.13.6
v9.15.0
v9.15.2
v9.15.3
v9.15.4
v9.15.7
v9.15.8
v9.16.0
v9.16.5
v9.17.3
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
v9.9.0
v9.9.0rc3
v9.9.0rc4
v9.9.1
v9.9.2b1
v9.9.2rc1
v9.9.3b1