Ubuntu: Security Advisory (USN-7836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

bind-9.20.15-1.1 on GA media (moderate)

bind-9.20.15-1.1 on GA media Announcement ID: openSUSE-SU-2025:15659-1 Rating: moderate Cross-References: CVE-2025-40778 CVE-2025-40780 CVE-2025-8677 CVSS scores: CVE-2025-40778 SUSE : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-40778 SUSE : 9.2...

PT-2025-43611

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to network packet scheduling with the class identifier cls u32. Specifically, if the u32 replace hw knode function fails, the associated tcf bin...

SUSE CVE-2025-8677

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

SUSE CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with ISC BIND

Summary multiple vulerability in IBM Spectrum Symphony with ISC BIND Vulnerability Details CVEID:CVE-2023-4408 DESCRIPTION: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queri...

OPENSUSE-SU-2025:15659-1 bind-9.20.15-1.1 on GA media

These are all security issues fixed in the bind-9.20.15-1.1 package on the GA media of openSUSE Tumbleweed...

ISC BIND Cache Poisoning Vulnerability (CVE-2025-40778) - Linux

ISC BIND is prone to cache poisoning attacks with unsolicited RRs. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND Cache Poisoning Vulnerability (CVE-2025-40780) - Windows

ISC BIND is prone to cache poisoning attacks due to a weak Pseudo Random Number Generator PRNG. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

ISC BIND DoS Vulnerability (CVE-2025-8677) - Windows

ISC BIND is prone to a denial of service DoS vulnerability via malformed DNSKEY handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ISC BIND Cache Poisoning Vulnerability (CVE-2025-40778) - Windows

ISC BIND is prone to cache poisoning attacks with unsolicited RRs. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2025-8677) - Linux

ISC BIND is prone to a denial of service DoS vulnerability via malformed DNSKEY handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ISC BIND Cache Poisoning Vulnerability (CVE-2025-40780) - Linux

ISC BIND is prone to cache poisoning attacks due to a weak Pseudo Random Number Generator PRNG. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DSA-6033-1 bind9 - security update

Bulletin has no description...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : Bind vulnerabilities (USN-7836-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7836-1 advisory. Zuyao Xu and Xiang Li discovered that Bind incorrectly handled certain malformed DNSKEY records. A remote attacker could...

SUSE CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.41-i586-1slack15.0.txz: Upgraded. This update fixes security issues: DNSSEC validation fails if matching but invalid DNSKEY is...

EUVD-2025-35583

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

EUVD-2025-35609

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

EUVD-2025-35581

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...