VDB
ALPINE-CVE-2022-2906
ALPINE-CVE-2022-2906
PUBLISHED
CVSS 7.5 HIGH
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.23 | bind | 9.16.17-r2, 9.9.5-r0, 9.9.4 |
| Alpine:v3.19 | bind | 9.9.1_p1-r0, 9.9.5-r0, 9.9.4 |
| Alpine:v3.17 | bind | 9.16.20-r4, 9.9.5-r0, 9.9.4 |
| Alpine:v3.16 | bind | 9.9.1_p3-r0, 0, 9.10.0-r0 |
| Alpine:v3.18 | bind | *, 9.16.5-r0, 9.16.22-r5 |
| Alpine:v3.15 | bind | 9.14.12-r0, 9.10.4_p1-r0, 9.10.4-r0 |
| Alpine:v3.20 | bind | 9.10.1-r1, 9.10.1-r2, 9.10.1_p1-r0 |
| Alpine:v3.14 | bind | 9.7.2_p1-r0, 0, 9.10.0-r0 |
| Alpine:v3.13 | bind | *, 9.11.1-r0, 9.10.1-r2 |
| Alpine:v3.21 | bind | 9.10.0-r0, 0, 9.9.2-r0 |
| Alpine:v3.22 | bind | 0, 9.10.0-r0, 9.10.0_p2-r0 |
Timeline
- Sep 21, 2022 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch