BIND Updates Address Critical Security Vulnerabilities

BIND Updates Address Critical Security Vulnerabilities

Posted on By CWS

The Internet Systems Consortium (ISC) has issued a new set of updates for BIND 9, targeting four security vulnerabilities, two of which are designated as high-severity. This move aims to enhance the security of DNS operations worldwide.

Key Vulnerabilities Addressed

Among the most critical flaws addressed is CVE-2026-3104, a memory leakage issue that affects the preparation of DNSSEC proofs of non-existence. This vulnerability allows malicious domains to trigger a memory leak in BIND resolvers. According to ISC, authoritative servers remain unaffected by this specific bug.

The issue can lead to excessive Resident Set Size (RSS) memory consumption, potentially resulting in an out-of-memory error. Furthermore, the BIND resolver may terminate unexpectedly with an assertion failure when attempting a shutdown or reload.

Impact of the High-Severity Bugs

The second high-severity vulnerability, identified as CVE-2026-1519, can cause a substantial increase in CPU usage. This occurs when the resolver processes a maliciously crafted zone during DNSSEC validation, severely limiting the number of queries the system can handle.

While disabling DNSSEC can prevent this vulnerability’s exploitation, ISC advises against this action as a security measure. Both vulnerabilities can culminate in a Denial of Service (DoS) condition, as highlighted by Ubuntu, which distributes BIND packages to its users.

Patches and Additional Security Fixes

The recent updates also address medium-severity vulnerabilities, including CVE-2026-3119, which may cause unexpected termination of the named process when handling a query with a TKEY record, and CVE-2026-3591, a use-after-return flaw in SIG(0) handling that could allow ACL bypass through crafted DNS requests.

Patches for these vulnerabilities are incorporated in BIND versions 9.18.47, 9.20.21, and 9.21.20, as well as the BIND Supported Preview Edition versions 9.18.47-S1 and 9.20.21-S1. ISC assures that, to date, there are no reports of these vulnerabilities being exploited in real-world attacks. Further details are available on ISC’s software updates page.

Related updates on security patches have also been made by major tech companies for their software, including Cisco, Apple, and Google.

Security Week News Tags:, , , , , , , , ,

Related Posts

Hackers Struggle with TP-Link Router Vulnerability Hackers Struggle with TP-Link Router Vulnerability Security Week News
Passkey Login Bypassed via WebAuthn Process Manipulation Passkey Login Bypassed via WebAuthn Process Manipulation Security Week News
Figure Tech Data Breach Exposes 1 Million User Records Figure Tech Data Breach Exposes 1 Million User Records Security Week News
Elon Musk and OpenAI’s Legal Clash Over AI’s Future Elon Musk and OpenAI’s Legal Clash Over AI’s Future Security Week News
Chinese APT Hacking Routers to Build Espionage Infrastructure Chinese APT Hacking Routers to Build Espionage Infrastructure Security Week News
Soverli Raises .6 Million for Secure Smartphone OS Soverli Raises $2.6 Million for Secure Smartphone OS Security Week News