Ubuntu Security Update USN-7836-2: Bind vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,740
Reaction score
74
Credits
-1,257
USN-7836-1 fixed vulnerabilities in Bind. This update provides the corresponding fixes for Ubuntu 20.04 LTS. Original advisory details: Zuyao Xu and Xiang Li discovered that Bind incorrectly handled certain malformed DNSKEY records. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. (CVE-2025-8677) Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Bind incorrectly accepted certain records from answers. A remote attacker could possibly use this issue to perform a cache poisoning attack. (CVE-2025-40778) Amit Klein and Omer Ben Simhon discovered that Bind used a weak PRNG. A remote attacker could possibly use this issue to perform a cache poisoning attack. (CVE-2025-40780)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-7836-1: Bind vulnerabilities
Replies
0
Views
302
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8293-1: Bind vulnerabilities
Replies
0
Views
77
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8124-1: Bind vulnerabilities
Replies
0
Views
113
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7855-2: Unbound regression
Replies
0
Views
295
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7855-1: Unbound vulnerability
Replies
0
Views
262
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 4,736 (members: 5, guests: 4,731)

Latest posts

Top