NLnet Labs Unbound代码问题漏洞（CVE-2022-30698）

admin

0
文章

0
评论

2023-11-30 06:37:36 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 NLnet Labs Unbound代码问题漏洞（CVE-2022-30698）

CVE编号

CVE-2022-30698

利用情况

暂无

补丁情况

官方补丁

披露时间

2022-08-01

漏洞描述

NLnet Labs Unbound是NLnet Labs公司的一款开源DNS服务器。 NLnet Labs Unbound 1.16.1及之前版本存在代码问题漏洞，该漏洞源于允许恶意用户继续触发恶意域名的可解析性。

解决建议

厂商已发布了漏洞修复程序，请及时关注更新https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt

参考链接
https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/[email protected]...
https://security.gentoo.org/glsa/202212-02
https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	nlnetlabs	unbound	*		Up to (excluding) 1.16.2
	运行在以下环境
	系统	alpine_3.17	unbound	*		Up to (excluding) 1.16.2-r0
	运行在以下环境
	系统	alpine_3.18	unbound	*		Up to (excluding) 1.16.2-r0
	运行在以下环境
	系统	alpine_edge	unbound	*		Up to (excluding) 1.16.2-r0
	运行在以下环境
	系统	amazon_2022	unbound	*		Up to (excluding) 1.16.3-2.amzn2022
	运行在以下环境
	系统	amazon_2023	unbound	*		Up to (excluding) 1.16.3-2.amzn2023.0.1
	运行在以下环境
	系统	centos_8	python3-unbound	*		Up to (excluding) 1.16.2-2.el8
	运行在以下环境
	系统	debian_10	unbound	*		Up to (excluding) 1.9.0-2+deb10u3
	运行在以下环境
	系统	debian_11	unbound	*		Up to (excluding) 1.13.1-1+deb11u1
	运行在以下环境
	系统	debian_12	unbound	*		Up to (excluding) 1.16.2-1
	运行在以下环境
	系统	debian_sid	unbound	*		Up to (excluding) 1.16.2-1
	运行在以下环境
	系统	fedora_35	unbound-libs-debuginfo	*		Up to (excluding) 1.16.2-3.fc35
	运行在以下环境
	系统	fedora_36	unbound-libs-debuginfo	*		Up to (excluding) 1.16.2-3.fc36
	运行在以下环境
	系统	kylinos_aarch64_V10	python3-unbound	*		Up to (excluding) 1.11.0-4.p01.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP1	python3-unbound	*		Up to (excluding) 1.11.0-2.p03.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	python3-unbound	*		Up to (excluding) 1.11.0-2.p03.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP3	python3-unbound	*		Up to (excluding) 1.11.0-4.p01.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP1	python3-unbound	*		Up to (excluding) 1.11.0-2.p03.a.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP3	python3-unbound	*		Up to (excluding) 1.11.0-4.p01.a.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10	python3-unbound	*		Up to (excluding) 1.11.0-4.p01.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP1	python3-unbound	*		Up to (excluding) 1.11.0-2.p03.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	python3-unbound	*		Up to (excluding) 1.11.0-2.p03.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP3	python3-unbound	*		Up to (excluding) 1.11.0-4.p01.ky10
	运行在以下环境
	系统	oracle_8	oraclelinux-release	*		Up to (excluding) 1.16.2-2.el8
	运行在以下环境
	系统	oracle_9	oraclelinux-release	*		Up to (excluding) 1.16.2-2.el9
	运行在以下环境
	系统	redhat_8	python3-unbound	*		Up to (excluding) 1.16.2-2.el8
	运行在以下环境
	系统	redhat_9	python3-unbound	*		Up to (excluding) 1.16.2-2.el9
	运行在以下环境
	系统	ubuntu_18.04	unbound	*		Up to (excluding) 1.6.7-1ubuntu2.5
	运行在以下环境
	系统	ubuntu_20.04	unbound	*		Up to (excluding) 1.9.4-2ubuntu1.3
	运行在以下环境
	系统	ubuntu_22.04	unbound	*		Up to (excluding) 1.13.1-1ubuntu5.1
	运行在以下环境
	系统	ubuntu_22.10	unbound	*		Up to (excluding) 1.16.2-1
	运行在以下环境
系统	unionos_a	unbound	*		Up to (excluding) unbound-1.16.2-2.uelc20
运行在以下环境
系统	unionos_d	unbound	*		Up to (excluding) 1.9.0.6-deepin1
运行在以下环境
系统	unionos_e	unbound	*		Up to (excluding) 1.11.0-6.uel20