MiracleLinux 8 : bind9.16-9.16.23-0.7.el8.1 (AXSA:2022-3875:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3875:02 advisory. bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly CVE-2022-3080 bind: memory leak in...

EUVD-2022-43258

Malicious code in bioql PyPI...

A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

...

Linux Distros Unpatched Vulnerability : CVE-2023-2911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of...

Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.11 CVE-2025-40777: Fixed a possible assertion failure when stale-answer-client-timeout is set to 0. bsc1246548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

ALPINE-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

DEBIAN-CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

USN-7641-1 bind9 vulnerability

It was discovered that Bind incorrectly handled configurations where the stale-answer-client-timeout option is set to 0. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

CVE-2025-40777

Summary: CVE-2025-40777 affects ISC BIND 9 where a named caching resolver configured with serve-stale-enable=yes and stale-answer-client-timeout=0 can abort due to an assertion failure while resolving a CNAME chain. Affected versions include BIND 9.20.0–9.20.10, 9.21.0–9.21.9, and 9.20.9-S1–9.20....

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2854)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

...

SUSE CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

ALPINE-CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

Stack overflow

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

CVE-2023-2911 Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Bind vulnerabilities (USN-6183-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6183-1 advisory. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A...

SUSE CVE-2022-3736

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...

OESA-2023-1067 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...