EUVD-2025-21705

Malicious code in bioql PyPI...

Important: bind

Issue Overview: If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of...

Linux Distros Unpatched Vulnerability : CVE-2025-40777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer- client-timeout set to 0 the only allowable value other than...

SUSE CVE-2025-40776

A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...

AZL-65553 CVE-2025-40777 affecting package bind for versions less than 9.20.15-1

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

DEBIAN-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

UBUNTU-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

ALPINE-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

SUSE CVE-2015-8461

Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via unspecified vectors...

SUSE CVE-2016-2088

resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a malformed packet with more than one cookie option...

CVE-2022-3080

By sending specific queries to the resolver, an attacker can cause named to crash...

Code injection

By sending specific queries to the resolver, an attacker can cause named to crash...

CVE-2022-3080

By sending specific queries to the resolver, an attacker can cause named to crash...

ISC BIND named competitive conditions loophole

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A contention condition vulnerability exists in the resolver.c file in named in ISC BIND versions 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2. A...