17 matches found
ISC BIND 9.20.0 < 9.20.9 / 9.21.0 < 9.21.8 Assertion Failure (cve-2025-40775)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40775 advisory. - When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains a...
Azure Linux 3.0 Security Update: bind (CVE-2025-40775)
The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-40775 advisory. - When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSI...
K000152700: BIND vulnerability CVE-2025-40775
Security Advisory Description When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20...
CVE-2025-40775 affecting package bind for versions less than 9.20.9-1
CVE-2025-40775 affecting package bind for versions less than 9.20.9-1. An upgraded version of the package is available that resolves this issue...
Security update for bind
This update for bind fixes the following issues: Update to version 9.20.9. Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG bsc1243361. CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...
Photon OS 5.0: Bindutils PHSA-2025-5.0-0525
An update of the bindutils package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0525. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
bind-9.20.9-1.1 on GA media (moderate)
bind-9.20.9-1.1 on GA media Announcement ID: openSUSE-SU-2025:15156-1 Rating: moderate Cross-References: CVE-2025-40775 CVSS scores: CVE-2025-40775 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-40775 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...
Ubuntu: Security Advisory (USN-7526-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
creationtimestamp| type| source ---|---|--- 2025-05-21 12:42:29+00:00| seen| https://bsky.app/profile/isc.org/post/3lpomtemjzc2e 2025-05-21 12:55:13+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114545925360783971 2025-05-21 14:11:48+00:00| seen|...
CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
CVE-2025-40775 affects ISC BIND 9, specifically versions 9.20.0–9.20.8 and 9.21.0–9.21.7. The root cause is an invalid value in the TSIG algorithm field in an incoming DNS message, which causes BIND to abort with an assertion failure. The impact is remote denial of service via crafted TSIGs. A fi...
CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
ISC BIND DoS Vulnerability (CVE-2025-40775) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...
ISC BIND DoS Vulnerability (CVE-2025-40775) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...