111 matches found
Updated bind packages fix security vulnerabilities
Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...
MGASA-2026-0163 Updated bind packages fix security vulnerabilities
Updated bind package fixes security vulnerabilities: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 Amplification vulnerabilities via self-pointed glue records CVE-2026-3592 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation CVE-2026-3593...
SUSE CVE-2026-5950
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
CVE-2026-4390
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...
CVE-2026-4390
CVE-2026-4390 affects TeamSpeak 3 Server (up to version 3.13.7). The vulnerability is in the process_resend_queue function of the Connection State Management component, where a manipulation leads to a use-after-free condition. The issue permits remote initiation of an attack under NETWORK, with L...
CVE-2026-4390
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...
EUVD-2026-32580
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...
CVE-2026-4390 TeamSpeak 3 Server Connection State Management process_resend_queue use after free
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...
TeamSpeak 3 Server 资源管理错误漏洞
TeamSpeak 3 Server is a real-time voice communication server software developed by the TeamSpeak company. Versions of TeamSpeak 3 Server prior to 3.13.7 contained a resource management vulnerability. This vulnerability stemmed from the processresendqueue function in the Connection State Managemen...
PT-2026-44050
Name of the Vulnerable Software and Affected Versions TeamSpeak 3 Server versions prior to 3.13.8 Description A use after free issue exists in the Connection State Management component. The flaw occurs when the server receives two clientinit packets in rapid succession on UDP port 9987. While one...
CVE-2026-5950
A flaw was found in BIND 9. A remote, unauthenticated attacker can exploit an unbounded resend loop vulnerability in the resolver state machine during bad-server handling. By sending specially crafted queries that trigger specific retry conditions, the attacker can cause severe resource exhaustio...
Unbounded resend loop in BIND 9 resolver
...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Bind vulnerabilities (USN-8293-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8293-1 advisory. Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could...
USN-8293-1: Bind vulnerabilities
Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...
ALPINE-CVE-2026-5950
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
CVE-2026-5950
The CVE-2026-5950 issue affects BIND 9 resolver logic, with an unbounded resend loop in the bad-server handling path of the state machine. This leads to remote, unauthenticated attackers exhausting resources by issuing queries that trigger specific retry conditions. Affected series include BIND 9...
CVE-2026-5950 Unbounded resend loop in BIND 9 resolver
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
CVE-2026-5950 Unbounded resend loop in BIND 9 resolver
An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Legacy PIC interrupts are marked with IRQLEVEL. Baoquan reported that after triggering a crash, the subsequent crash-kernel fails to boot about half of the time. This occurs due to a NULL pointer dereference in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Fuse: Clearing FRSENT when re-adding requests into the pending list. The following warning was reported by lee bruce: ---------- Cut here ---------- WARNING: CPU: 0, PID: 8264, at fs/fuse/dev.c:300 fuserequestend+0x685/0x7e0,...