RHEL 8 : bind (RHSA-2025:19835)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19835 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Oracle Linux 9 : bind (ELSA-2025-19951)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19951 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Oracle Linux 9 : bind9.18 (ELSA-2025-19950)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19950 advisory. - Fix upstream reported regression in recent CVE fix CVE-2025-8677 - Refuse malformed DNSKEY records CVE-2025-8677 - Address various spoofing attacks...

Oracle Linux 8 : bind (ELSA-2025-19835)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19835 advisory. - Address various spoofing attacks CVE-2025-40778 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

RHEL 9 : bind (RHSA-2025:19951)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19951 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

RHEL 9 : bind9.18 (RHSA-2025:19950)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19950 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which...

RockyLinux 8 : bind9.16 (RLSA-2025:19793)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19793 advisory. bind: Cache poisoning attacks with unsolicited RRs CVE-2025-40778 bind: Cache poisoning due to weak PRNG CVE-2025-40780 Tenable has extracted the...

Oracle Linux 8 : bind9.16 (ELSA-2025-19793)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19793 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778 Tenable has extracted the preceding...

MGASA-2025-0271 Updated opencontainers-runc packages fix security vulnerabilities

The way masked paths are implemented in runc can be exploited to cause the host system to crash or halt CVE-2025-31133 and a flaw in /dev/console bind-mounts can lead to container escape CVE-2025-52565. Also, arbitrary write gadgets and procfs write redirects could be used to engineer container...

[SECURITY] Fedora 43 Update: bind-9.18.41-2.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Fedora 43 : bind (2025-3e245eae46)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3e245eae46 advisory. Fix dual-signed domains verification, when one of algorithms is not supported. Tenable has extracted the preceding description block directly from the Fedora...

[SECURITY] Fedora 43 Update: bind-9.18.41-1.fc43

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 43 Update: bind-dyndb-ldap-11.11-8.fc43

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

F5 Networks BIG-IP : BIND vulnerability (K000157334)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000157334 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an...

K000157334: BIND vulnerability CVE-2025-40778

Security Advisory Description Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through...

K000157317: BIND vulnerability CVE-2025-8677

Security Advisory Description Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and...

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

RHSA-2025:19912 Red Hat Security Advisory: bind security update

Bulletin has no description...

bind security update

An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...