BIND Updates Address Critical Security Vulnerabilities

BIND Updates Address Critical Security Vulnerabilities

Posted on By CWS

The Internet Systems Consortium (ISC) has issued a new set of updates for BIND 9, targeting four security vulnerabilities, two of which are designated as high-severity. This move aims to enhance the security of DNS operations worldwide.

Key Vulnerabilities Addressed

Among the most critical flaws addressed is CVE-2026-3104, a memory leakage issue that affects the preparation of DNSSEC proofs of non-existence. This vulnerability allows malicious domains to trigger a memory leak in BIND resolvers. According to ISC, authoritative servers remain unaffected by this specific bug.

The issue can lead to excessive Resident Set Size (RSS) memory consumption, potentially resulting in an out-of-memory error. Furthermore, the BIND resolver may terminate unexpectedly with an assertion failure when attempting a shutdown or reload.

Impact of the High-Severity Bugs

The second high-severity vulnerability, identified as CVE-2026-1519, can cause a substantial increase in CPU usage. This occurs when the resolver processes a maliciously crafted zone during DNSSEC validation, severely limiting the number of queries the system can handle.

While disabling DNSSEC can prevent this vulnerability’s exploitation, ISC advises against this action as a security measure. Both vulnerabilities can culminate in a Denial of Service (DoS) condition, as highlighted by Ubuntu, which distributes BIND packages to its users.

Patches and Additional Security Fixes

The recent updates also address medium-severity vulnerabilities, including CVE-2026-3119, which may cause unexpected termination of the named process when handling a query with a TKEY record, and CVE-2026-3591, a use-after-return flaw in SIG(0) handling that could allow ACL bypass through crafted DNS requests.

Patches for these vulnerabilities are incorporated in BIND versions 9.18.47, 9.20.21, and 9.21.20, as well as the BIND Supported Preview Edition versions 9.18.47-S1 and 9.20.21-S1. ISC assures that, to date, there are no reports of these vulnerabilities being exploited in real-world attacks. Further details are available on ISC’s software updates page.

Related updates on security patches have also been made by major tech companies for their software, including Cisco, Apple, and Google.

Security Week News Tags:, , , , , , , , ,

Related Posts

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Security Week News
PromptLock: First AI-Powered Ransomware Emerges PromptLock: First AI-Powered Ransomware Emerges Security Week News
Google Accelerates Chrome Releases to Bi-Weekly Schedule Google Accelerates Chrome Releases to Bi-Weekly Schedule Security Week News
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover  Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover  Security Week News
Signs of Concealed Information in Security Management Signs of Concealed Information in Security Management Security Week News
Ericsson Data Breach Exposes Thousands’ Information Ericsson Data Breach Exposes Thousands’ Information Security Week News