11950 matches found
SUSE-SU-2025:0355-1 Security update for bind
This update for bind fixes the following issues: Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 - CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when under heavy query load...
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
Amazon Linux 2 : bind (ALAS-2025-2751)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2751 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in t...
Security update for bind
This update for bind fixes the following issues: CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...
SUSE-SU-2025:0337-1 Security update for bind
This update for bind fixes the following issues: - CVE-2024-11187: Fixes CPU exhaustion caused by many records in the additional section bsc1236596...
PT-2025-8904
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing the fix for the refcount leak in ax25 release Description A refcount leak occurs in the Linux kernel when an AX25 device is bound to a socket by setting the SO BINDTODEVICE socket option...
Security update for buildah
This update for buildah fixes the following issues: Update to version 1.35.5 CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src" values. bsc1236272 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
bind-9.20.5-1.1 on GA media (moderate)
bind-9.20.5-1.1 on GA media Announcement ID: openSUSE-SU-2025:14719-1 Rating: moderate Cross-References: CVE-2024-11187 CVE-2024-12705 CVSS scores: CVE-2024-11187 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-11187 SUSE : 8.7...
CVE-2023-3341 affecting package bind for versions less than 9.16.44-1
CVE-2023-3341 affecting package bind for versions less than 9.16.44-1. A patched version of the package is available...
OPENSUSE-SU-2025:14719-1 bind-9.20.5-1.1 on GA media
These are all security issues fixed in the bind-9.20.5-1.1 package on the GA media of openSUSE Tumbleweed...
Security update for buildah
This update for buildah fixes the following issues: Update to version 1.35.5 CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src" values. bsc1236272 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
Slackware: Security Advisory (SSA:2025-029-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ISC BIND DoS Vulnerability (CVE-2024-12705) - Windows
ISC BIND is prone to a denial of service DoS vulnerability in the DNS-over-HTTPS implementation. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
ISC BIND DoS Vulnerability (CVE-2024-12705) - Linux
ISC BIND is prone to a denial of service DoS vulnerability in the DNS-over-HTTPS implementation. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
ISC BIND DoS Vulnerability (CVE-2024-11187) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
ISC BIND DoS Vulnerability (CVE-2024-11187) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
CVE-2024-12705
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
AZL-56105 CVE-2024-12705 affecting package bind for versions less than 9.20.5-1
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
CVE-2024-11187
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources...