View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-2906 unimportant priority: Debian including 1 source packages (bind9), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.