2339 matches found
ALSA-2026:24369 Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...
RHEL 8 : unbound (RHSA-2026:24365)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24365 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash...
unbound security update
1.16.2-5.11 - Fix CVE-2026-42944 RHEL-177909 - Fix CVE-2026-42959 RHEL-177809...
Oracle Linux 8 : unbound (ELSA-2026-24365)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24365 advisory. - Fix CVE-2026-42944 RHEL-177909 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
ALSA-2026:24365 Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...
unbound security update
An update is available for unbound. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or...
RHEL 10 : unbound (RHSA-2026:23231)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23231 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash...
RockyLinux 10 : unbound (RLSA-2026:23231)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:23231 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service vi...
CVE-2026-41292
A flaw was found in Unbound. A remote attacker can exploit this vulnerability by sending queries with an excessive number of EDNS Extension Mechanisms for DNS options. This can cause Unbound threads to be held hostage while parsing and creating internal data structures for these options...
CVE-2026-42534
A flaw was found in Unbound. An adversary who can query a vulnerable Unbound instance and control a slow or malicious domain name server can exploit a vulnerability in the jostle logic. This flaw allows retransmitted queries to renew the age of slow-running queries, preventing them from being...
CVE-2026-40622
NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...
CVE-2026-44390
A flaw was found in Unbound. A remote attacker can exploit this vulnerability by sending specially crafted DNS responses containing very large Resource Record Sets RRsets that require name compression. This can cause Unbound to spend a significant amount of time processing these responses, leadin...
Security update for unbound
This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...
SUSE-SU-2026:2281-1 Security update for unbound
This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...
ROOT-OS-DEBIAN-12-CVE-2026-41292 CVE-2026-41292 in rootio-unbound - Patched by Root
Root has patched CVE-2026-41292 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-42944 CVE-2026-42944 in rootio-unbound - Patched by Root
Root has patched CVE-2026-42944 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-42959 CVE-2026-42959 in rootio-unbound - Patched by Root
Root has patched CVE-2026-42959 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-42960 CVE-2026-42960 in rootio-unbound - Patched by Root
Root has patched CVE-2026-42960 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-33278 CVE-2026-33278 in rootio-unbound - Patched by Root
Root has patched CVE-2026-33278 in the rootio-unbound package for Root:Debian:12. Multiple fixed versions available...
RHSA-2026:23231 Red Hat Security Advisory: unbound security update
Bulletin has no description...