RHSA-2026:24369 Red Hat Security Advisory: unbound security update

Bulletin has no description...

CLSA-2026-1769424072 unbound: Fix of CVE-2024-8508

CVE-2024-8508: limit number of name compression calculations per packet to prevent CPU locking and potential denial of service...

CLSA-2026-1768395381 unbound: Fix of CVE-2024-1488

Fix CVE-2024-1488: improper access control for remote control interface Previous defaults allowed any process to change unbound settings...

CLSA-2025-1765901537 unbound: Fix of CVE-2024-8508

CVE-2024-8508: limit number of name compression calculations per packet to prevent denial of service attacks...

CLSA-2025-1736503760 unbound: Fix of CVE-2024-8508

CVE-2024-8508: Limit number of name compression calculations per packet to prevent CPU lock and potential denial of service...

AZL-47771 CVE-2024-43167 affecting package unbound for versions less than 1.19.1-4

DISPUTE NOTE: this issue does not pose a security risk as it according to analysis by the original software developer, NLnet Labs falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet...

UBUNTU-CVE-2022-30699

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue...