16 matches found
CVE-2026-44390
A flaw was found in Unbound. A remote attacker can exploit this vulnerability by sending specially crafted DNS responses containing very large Resource Record Sets RRsets that require name compression. This can cause Unbound to spend a significant amount of time processing these responses, leadin...
CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...
CVE-2026-44390
CVE-2026-44390 affects NLnet Labs Unbound up to and including 1.25.0. The issue arises when handling replies with very large RRsets that require name compression; malicious upstream responses with such RRsets can cause Unbound to spend excessive CPU time on compression, potentially leading to deg...
CVE-2026-44390
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from unbound name compression operations when handling large RRsets, which could lead to performanc...
MiracleLinux 8 : bind-9.11.36-16.el8_10.2 (AXSA:2024-8688:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8688:02 advisory. bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam CVE-2024-1737 bind9: bind: SIG0 can be used to exhaust...
Astra Linux – Vulnerability in unbound
Unbound versions up to and including 1.21.0 contain a vulnerability when handling replies with very large RRsets that it needs to perform name compression on. Malicious upstream responses with very large RRsets can cause Unbound to spend considerable time applying name compression to downstream...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
USN-7080-1 unbound vulnerability
Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...
AZL-49976 CVE-2024-8508 affecting package unbound for versions less than 1.19.1-3
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
DEBIAN-CVE-2024-8508
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
UBUNTU-CVE-2024-8508
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...