Linux Distros Unpatched Vulnerability : CVE-2026-33610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request t...

CVE-1999-0184

When compiled with the -DALLOWUPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993073 advisory. In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionall...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990735 advisory. In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionall...

Alibaba Cloud Linux 3 : 0067: bind (ALINUX3-SA-2024:0067)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0067 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-3094: Sending a flood of dynamic DNS updat...

Linux Distros Unpatched Vulnerability : CVE-2022-3094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory...

Amazon Linux 2 : bind (ALAS-2025-2729)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2729 advisory. Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exi...

Medium: bind

Issue Overview: Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access...

SUSE CVE-2024-36031

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

UBUNTU-CVE-2024-36031

In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...

Oracle Linux 8 : bind (ELSA-2023-7177)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7177 advisory. - Prevent exahustion of memory from control channel CVE-2023-3341 - Prevent the cache going over the configured limit CVE-2023-2828 - Prevent flooding with UPDA...

Oracle Linux 9 : bind (ELSA-2023-2261)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2261 advisory. - Handle subtle difference between upstream and rhel CVE-2022-3094 - Prevent flooding with UPDATE requests CVE-2022-3094 - Handle RRSIG queries when...

Important: bind

Issue Overview: By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 A flaw was found in the Bind package, where the resolver ca...

SUSE CVE-2018-5741

To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update...

ALPINE-CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

Slackware Linux 15.0 / current bind Multiple Vulnerabilities (SSA:2023-025-01)

The version of bind installed on the remote host is prior to 9.16.37 / 9.18.11. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-025-01 advisory. - BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client- timeout is...