CVE-2026-53292

The CVE concerns the Linux kernel phonet code path where pn_socket_autobind() could trigger a kernel BUG_ON() when a failed bind returns -EINVAL but pn_port() remains 0. The root cause is that pn_socket_bind() could return -EINVAL when sk->sk_state is not TCP_CLOSE even if the socket was never...

Oracle Linux 9 : unbound (ELSA-2026-18931)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-18931 advisory. 1.24.2-2 - Switch TLS configuration to follow TLS sockets by crypto-policy again RHEL-147860 - Change the default of tls-use-system-policy-versions at...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows for an integer overflow in the regional allocator through regionalalloc. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...

Astra Linux – Vulnerability in unbound

Unbound versions 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can lead to the execution of shell code after receiving a specially crafted answer. This issue can only be exploited if Unbound was compiled with the --enable-ipsecmod option, and Isecmod is enabled and utilized...

Astra Linux – Vulnerability in unbound

Before version 1.9.5, Unbound allowed an out-of-bounds write operation through a compressed name in rdatacopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

Astra Linux – Vulnerability in unbound

Before version 1.9.5, Unbound allowed an integer overflow in the regional allocator through the ALIGNUP macro. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

Astra Linux – Vulnerability in unbound

Before version 1.9.5, Unbound allowed for an integer overflow in sldnsstr2wirednamebuforigin, resulting in an out-of-bounds write. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

Astra Linux – Vulnerability in unbound

The DNS protocol in RFC 1035 and its updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries to be accumulated over seconds. As a result, responses are sent in a pulsing burst, which can be considered traffic amplification in some cases. This...

Astra Linux – Vulnerability in unbound

Unbound from NLnet Labs, including versions up to and including 1.12.0, and NSD from NLnet Labs, including versions up to and including 4.3.3, contain a local vulnerability that allows for a local symlink attack. When creating the PID file, Unbound and NSD either create the file if it does not...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows an out-of-bounds write access in sldnsbgettokenpar. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netdevsim: use condresched in nsimdevtrapreportwork I am still seeing many syzbot reports hinting that syzbot might fool nsimdevtrapreportwork with hundreds of ports 1 Lets use condresched, and systemunboundwq instead of implicit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: Fixed an use-after-free error during socket cleanup. A use-after-free error can occur if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket being closed ...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 can cause assertion failures and denial of service in synthcname. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active UnBound installation cannot be exploited remotely or locally...

SUSE SLES15 Security Update : unbound (SUSE-SU-2026:2369-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2369-1 advisory. This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278:...

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

RLSA-2026:24369 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

unbound security update

An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...

RLSA-2026:24365 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

unbound security update

An update is available for unbound. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...

AlmaLinux 9 : unbound (ALSA-2026:24369)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24369 advisory. unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via...