BIND 9 Security Vulnerability Matrix

CVE-2022-38177: Memory leak in ECDSA DNSSEC verification code

CVE-2022-2881: Buffer overread in statistics channel code

CVE-2021-25214: A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

CVE-2021-25215: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

CVE-2021-25216: A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack