9 matches found
ISC BIND 9.20.0 < 9.20.11 / 9.20.9-S1 < 9.20.11-S1 / 9.21.0 < 9.21.10 Assertion Failure (cve-2025-40777)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40777 advisory. - If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer- client-timeout set to 0 the...
Linux Distros Unpatched Vulnerability : CVE-2022-49746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: imx-sdma: Fix a possible memory leak in sdmatransferinit If the function sdmaloadcontext fails, the sdmadesc will be freed, but the allocated desc-bd...
SUSE-SU-2025:02349-1 Security update for bind
This update for bind fixes the following issues: - Upgrade to release 9.20.11 - CVE-2025-40777: Fixed a possible assertion failure when stale-answer-client-timeout is set to 0. bsc1246548...
DEBIAN-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
UBUNTU-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
Malicious code in zero-timeout-message (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88a6e8ed6991cf808053c17befcdab9455effa8b8510ef06d38f819ef7958071 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
DEBIAN-CVE-2022-49443
In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...
bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly
A flaw was found in the Bind package, where the resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to 0 and there is a stale CNAME in the cache for an incoming query. By sending specific queries to the resolver, an attacker can cause named...
bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly
A flaw was found in the Bind package, where the resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to 0 and there is a stale CNAME in the cache for an incoming query. By sending specific queries to the resolver, an attacker can cause named...