Oracle Linux 8 : bind9.16 (ELSA-2025-19793)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19793 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778 Tenable has extracted the preceding...

RHEL 8 : bind (RHSA-2025:19835)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19835 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Oracle Linux 8 : bind (ELSA-2025-19835)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19835 advisory. - Address various spoofing attacks CVE-2025-40778 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Oracle Linux 9 : bind (ELSA-2025-19951)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19951 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Fedora: Security Advisory (FEDORA-2025-66fb3fa6b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : bind (RHSA-2025:19951)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19951 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

bind security update

9.16.23-31.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-31.2 - Replace downstream fixes with upstream changes 32:9.16.23-31.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778...

SUSE: Security Advisory (SUSE-SU-2025:3976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 8 : bind9.16 (RLSA-2025:19793)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19793 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the...

bind9.18 security update

32:9.18.29-4.2 - Fix upstream reported regression in recent CVE fix CVE-2025-8677 - Add upstream created test to this regression 32:9.18.29-4.1 - Refuse malformed DNSKEY records CVE-2025-8677 - Address various spoofing attacks CVE-2025-40778 - Prevent cache poisoning due to weak PRNG CVE-2025-407...

RHEL 9 : bind9.18 (RHSA-2025:19950)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19950 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities

The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...

[SECURITY] Fedora 43 Update: bind-9.18.41-2.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Fedora 43 : bind (2025-3e245eae46)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3e245eae46 advisory. Fix dual-signed domains verification, when one of algorithms is not supported. Tenable has extracted the preceding description block directly from the Fedora...

[SECURITY] Fedora 43 Update: bind-9.18.41-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 43 Update: bind-dyndb-ldap-11.11-8.fc43

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

F5 Networks BIG-IP : BIND vulnerability (K000157334)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000157334 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an...

K000157334: BIND vulnerability CVE-2025-40778

Security Advisory Description Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through...

K000157317: BIND vulnerability CVE-2025-8677

Security Advisory Description Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...