Astra Linux - уязвимость в bind9

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record that...

Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017660 advisory. In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition, as...

OPENSUSE-SU-2026:20550-1 Security update for bind

This update for bind fixes the following issues: - Update to release 9.20.21 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. - CVE-2026-3104: memory leak in code preparing DNSSEC proofs of non-existence allows for DoS bsc1260567. - CVE-2026-311...

Authenticated query containing a TKEY record may cause named to terminate unexpectedly

...

CVE-2025-13878

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

ALPINE-CVE-2025-13878

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

CVE-2025-13878 Malformed BRID/HHIT records can cause named to terminate unexpectedly

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

CVE-2025-13878 Malformed BRID/HHIT records can cause named to terminate unexpectedly

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

MiracleLinux 8 : bind-9.11.26-6.el8 (AXSA:2021-2830:12)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2830:12 advisory. bind: Broken inbound incremental zone update IXFR can cause named to terminate unexpectedly CVE-2021-25214 Tenable has extracted the preceding description...

MiracleLinux 7 : bind-9.11.4-26.P2.7.0.1.el7.AXS7 (AXSA:2021-2406:10)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2406:10 advisory. bind: Broken inbound incremental zone update IXFR can cause named to terminate unexpectedly CVE-2021-25214 Tenable has extracted the preceding description...

EulerOS 2.0 SP10 : bind (EulerOS-SA-2023-3164)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only...

CLSA-2023-1697134400 Fix CVE(s): CVE-2023-3341

SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341...

CLSA-2023-1697134108 Fix CVE(s): CVE-2023-3341

SECURITY UPDATE: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly - debian/patches/CVE-2023-3341.patch: Named and rndc do not need a lot of recursion so the depth is set to 10. - CVE-2023-3341...

bind: stack exhaustion in control channel code may lead to DoS

A flaw was found in the Bind package. The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size. Depending on the environment, this may cause the packet-parsing code...

bind: stack exhaustion in control channel code may lead to DoS

A flaw was found in the Bind package. The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size. Depending on the environment, this may cause the packet-parsing code...

SUSE-SU-2023:3805-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly bsc1215472...

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium ISC has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain BIND 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions. CISA encourages users and administrators to revi...

Design/Logic Flaw

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

CVE-2023-3341 A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...