OESA-2026-1602 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

[SECURITY] Fedora 42 Update: bind9-next-9.21.17-2.fc42

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

bind-9.20.18-1.1 on GA media (moderate)

bind-9.20.18-1.1 on GA media Announcement ID: openSUSE-SU-2026:10080-1 Rating: moderate Cross-References: CVE-2025-13878 CVSS scores: CVE-2025-13878 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-13878 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

MiracleLinux 4 : bind-9.8.2-0.62.2.0.1.rc1.AXS4 (AXSA:2017-1649:04)

"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1649:04 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names...

OESA-2025-2875 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

OESA-2025-2842 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

SUSE CVE-2002-1221

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service crash via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference...

CLSA-2025-1764321323 bind: Fix of CVE-2025-40778

CVE-2025-40778: fix issue with BIND being too lenient when accepting records from answers to prevent the injection of forged data into the cache...

RLSA-2025:21111 Important: bind9.18 security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

SUSE SLES15 Security Update : bind (SUSE-SU-2025:4108-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4108-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. - CVE-2025-40780: Cache-poisoning due to weak pseudo-random number...

OESA-2025-2654 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Under...

bind: Cache poisoning attacks with unsolicited RRs

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

RHEL 10 : bind (RHSA-2025:21034)

"The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21034 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

Oracle Linux 9 : bind (ELSA-2025-19951)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19951 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

bind: Cache poisoning attacks with unsolicited RRs

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

ISC BIND Cache Poisoning Vulnerability (CVE-2025-40780) - Linux

ISC BIND is prone to cache poisoning attacks due to a weak Pseudo Random Number Generator PRNG. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

UBUNTU-CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...