EUVD-2026-31103

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

RHSA-2026:18786 Red Hat Security Advisory: bind security update

Bulletin has no description...

CVE-2026-3039

creationtimestamp| type| source ---|---|--- 2026-05-20 07:42:48+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-isc-bind-5 2026-05-20 10:23:00+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/isc-bind-security-advisory-av26-490 2026-05-20 14:15:07+00:00| seen|...

CVE-2026-5946

creationtimestamp| type| source ---|---|--- 2026-05-20 07:42:48+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-isc-bind-5 2026-05-20 10:23:00+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/isc-bind-security-advisory-av26-490 2026-05-20 14:24:10+00:00| seen|...

CVE-2026-5947

creationtimestamp| type| source ---|---|--- 2026-05-20 07:42:48+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-isc-bind-5 2026-05-20 10:23:00+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/isc-bind-security-advisory-av26-490 2026-05-20 14:24:10+00:00| seen|...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Fixed the double-free bug in vmbindioctl If the argument check during an array bind fails, the bindops is freed twice. This issue is fixed by setting bindops to NULL after freeing it. BUG: KASAN: Double-free in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Cleaning up a dangling pointer on the bind error path The mtkdrmBind function may fail, in which case drmdevPut is called, destroying the drmdevice object. However, a pointer to that object was still being held by t...

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...

Astra Linux - уязвимость в bind9

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration that uses BIND’s default settings, the vulnerable code path is not exposed. However, a server can become vulnerable by explicitly setting valid values for the...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: fixed a memory leak in smsc75xxbind Syzbot reported a memory leak in smsc75xxBind. The issue occurred when non-freeed memory remained after memory allocation due to errors. Backtrace: kmalloc include/linux/slab.h:556...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevented the potential use of a null pointer. There is one call trace that involves sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In this trace, ‘codecdai’ is...

Astra Linux - уязвимость в bind9

By flooding the target resolver with queries that exploit this flaw, an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service...

Astra Linux - уязвимость в bind9

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode the available memory to the point where named crashes occur due to lack of resources...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpBind Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In usbnet, there is a flaw where unregisternetdev is called before unbind. The commit with the commit ID 2c9d6c2b871d “usbnet: run unbind before unregisternetdev” was intended to fix a use-after-free issue when disconnecting USB...

Astra Linux - уязвимость в firefox

Under certain circumstances, calling the bind function might result in an incorrect realm being set. This could create a vulnerability related to JavaScript-implemented sandboxes, such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

Astra Linux - уязвимость в bind9

Every named instance configured to run as a recursive resolver maintains a cache database that holds the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; i...

Astra Linux - уязвимость в bind9

The code that processes control channel messages sent to named recursively calls certain functions during packet parsing. The recursion depth is limited only by the maximum acceptable packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack...