Search CVE reports
1 – 10 of 39 results
Some fixes available 3 of 7
A multi-vendor cache poisoning vulnerability named ‘Rebirthday Attack’ has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support,...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Fixed | Needs evaluation | Needs evaluation |
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed |
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed |
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed |
Some fixes available 6 of 9
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Needs evaluation |
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Fixed | Not affected | Not affected | Not affected |
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Not affected | Not affected | Not affected | Not affected |
Some fixes available 23 of 44
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...
7 affected packages
bind9, isc-dhcp, unbound, dnsmasq, pdns-recursor...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation |
dnsmasq | Fixed | Fixed | Fixed | Fixed |
pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
knot-resolver | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release |
Some fixes available 23 of 44
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the “KeyTrap” issue. One of...
7 affected packages
bind9, isc-dhcp, unbound, dnsmasq, pdns-recursor...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation |
dnsmasq | Fixed | Fixed | Fixed | Fixed |
pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
knot-resolver | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release |
Some fixes available 4 of 6
A vulnerability named ‘Non-Responsive Delegation Attack’ (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
unbound | Not affected | Fixed | Fixed | Fixed |