Your submission was sent successfully! Close

CVE-2019-25032

Published: 27 April 2021

** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
unbound
Launchpad, Ubuntu, Debian
bionic
Released (1.6.7-1ubuntu2.4)
focal
Released (1.9.4-2ubuntu1.2)
groovy Not vulnerable
(1.11.0-1)
hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

precise Does not exist

trusty Needs triage

upstream
Released (1.9.6-1)
xenial Needs triage