{
  "threat_severity" : "Moderate",
  "public_date" : "2022-03-16T00:00:00Z",
  "bugzilla" : {
    "description" : "bind: DoS from specifically crafted TCP packets",
    "id" : "2064513",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064513"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-772",
  "details" : [ "BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.", "A flaw was found in BIND that incorrectly handles certain crafted TCP streams. The vulnerability allows TCP connection slots to be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. This flaw allows a remote attacker to send specially crafted TCP streams to a server with 'keep-response-order' enabled, which could cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period, even after the client has terminated the connection. This issue results in BIND consuming resources, leading to a denial of service." ],
  "statement" : "This issue can only be triggered on BIND servers that have keep-response-order enabled, which is not the default configuration. The keep-response-order option is an ACL block; any hosts that are specified within it will be able to trigger this issue on affected versions.\nOnly the BIND9.16 package in RHEL-8 and the BIND package in RHEL-9 are affected, because of the presence of vulnerable code in our codebase.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-11-08T00:00:00Z",
    "advisory" : "RHSA-2022:7643",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "bind9.16-32:9.16.23-0.9.el8.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8068",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "bind-32:9.16.23-5.el9_1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "bind",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "dhcp",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-0396\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-0396\nhttps://kb.isc.org/docs/cve-2022-0396" ],
  "name" : "CVE-2022-0396",
  "mitigation" : {
    "value" : "To mitigate this issue in all affected versions of BIND, use the default setting of:\n~~~\nkeep-response-order { none; }\n~~~",
    "lang" : "en:us"
  },
  "csaw" : false
}