K000149797: BIND vulnerability CVE-2024-12705

Security Advisory Description Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 throug...

ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification (CVE-2022-38178)

BIND 9 is vulnerable to a denial-of-service DoS issue due to the presence of a memory leak flaw in the DNSSEC verification code for the EdDSA algorithm that can occur when there is a signature length mismatch. An attacker could spoof the target resolver with responses that have malformed EdDSA...

[SECURITY] Fedora 41 Update: bind-dyndb-ldap-11.10-33.fc41

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

[SECURITY] Fedora 41 Update: bind-9.18.33-1.fc41

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

The vulnerability of the DNS BIND server, related to asymmetric resource consumption, allows attackers to cause service failures.

The vulnerability of the DNS BIND server is related to asymmetric resource consumption. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

Fedora 41 : bind / bind-dyndb-ldap (2025-3551f3ba1b)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-3551f3ba1b advisory. Update to 9.16.33 2342784 Security Fixes: - DNS-over-HTTPS flooding fixes. CVE-2024-12705 - Limit additional section processing for large RDATA sets...

SUSE SLES12 Security Update : bind (SUSE-SU-2025:0389-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0389-1 advisory. - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Tenable has extracted the preceding description bloc...

Security update for bind

This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

SUSE-SU-2025:0427-1 Security update for bind

This update for bind fixes the following issues: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596...

Astra Linux - уязвимость в bind9

Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

Astra Linux – Vulnerability in bind9

Resolver caches and authoritative zone databases that hold a significant number of Resource Records for the same hostname of any RTYPE may experience degraded performance as content is added or updated, as well as when handling client queries for this name. This issue affects BIND 9 versions 9.11...

Astra Linux - уязвимость в golang-github-containers-buildah, libpod

A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories...

Astra Linux - уязвимость в bind9

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

Astra Linux – Vulnerability in bind9

If a server hosts a zone containing a “KEY” Resource Record, or if a resolver validates a “KEY” Resource Record from a DNSSEC-signed domain in its cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

Astra Linux - уязвимость в bind9

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

SUSE: Security Advisory (SUSE-SU-2025:0427-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for bind

This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

SUSE: Security Advisory (SUSE-SU-2025:0389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: bind (CVE-2024-4076)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4076 advisory. - Client queries that trigger serving stale data and that also require lookups in local authoritative zone data M...

SUSE: Security Advisory (SUSE-SU-2025:0384-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...