Kugadziridza zvigadziriso kumapazi akatsiga eiyo BIND DNS server 9.11.37, 9.16.27 uye 9.18.1 zvakaburitswa, izvo zvinogadzirisa zvina kusagadzikana:
- CVE-2021-25220 - mukana wekutsiva zvisirizvo marekodhi eNS muDNS server cache (cache poisoning), izvo zvinogona kutungamira kufona kune zvisirizvo DNS maseva anopa ruzivo rwenhema. Dambudziko rinozviratidza muvagadziri vanoshanda mu "mberi chekutanga" (default) kana "mberi chete" modes, kana mumwe wevanoendesa mberi akakanganiswa (NS marekodhi anogamuchirwa kubva kune anoendesa mberi anoguma ari mu cache uye anogona kuzotungamira mukuwana iyo isiriyo DNS server paunenge uchiita mibvunzo inodzokororwa).
- CVE-2022-0396 kurambwa kwesevhisi (makonesheni anorembera nekusingaperi muCLOSE_WAIT state) kwakatangwa nekutumira akagadzirwa akanyatsogadzirwa mapakeji eTCP. Dambudziko rinoonekwa chete kana chengeta-mhinduro-kurongeka marongero yakagoneswa, iyo isingashandisi neyakagadzika, uye kana chengeta-mhinduro-kurongeka sarudzo inotsanangurwa mu ACL.
- CVE-2022-0635 - iyo yakatumidzwa maitiro inogona kuparara kana ichitumira zvimwe zvikumbiro kune server. Dambudziko rinozviratidza kana uchishandisa iyo DNSSEC-Validated Cache cache, iyo inogoneswa nekusarudzika mubazi 9.18 (dnssec-validation uye synth-from-dnssec marongero).
- CVE-2022-0667 - Zvinogoneka kuti iyo yakadomwa maitiro iparadze kana ichigadzirisa zvakadzoserwa DS zvikumbiro. Dambudziko rinongoonekwa muBIND 9.18 bazi uye rinokonzerwa nekukanganisa kwakaitwa pakugadzirisa kodhi yemutengi kuti idzokorore bvunzo kugadzirisa.
Source: opennet.ru