Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Fedora 44 bind9-next Key Memory Leak Fix Informative CVE-2026-1519 Alert

fedora
Calendar Grey April 25, 2026
Dist Fedora Esm H88
Critical security update for Fedora 44 bind9-next addressing memory leaks and unbounded iterations. Fixes CVE-2026-1519.
Update to 9.21.20 (rhbz#2440560) Security Fixes: Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Update Information:

Update to 9.21.20 (rhbz#2440560) Security Fixes: Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519) Fix memory leaks in code preparing DNSSEC proofs of non-existence. (CVE-2026-3104) Prevent a crash in code processing queries containing a TKEY record. (CVE-2026-3119) Fix a stack use-after-return flaw in SIG(0) handling code. (CVE-2026-3591) New Features: Provide response round-trip time (RTT) counters via statistics channel. Introduce max-delegation-servers configuration option. Bug Fixes: Fix parsing key inactivation time in KASP code. Fix the handling of key statements defined inside views. Update to 9.21.19 Security Fixes: Fix a use-after-free error in dns_client_resolve() triggered by a DNAME response. Fix a NULL pointer dereference in qp-trie cache code. Immediately remove purged ADB names and entries from the SIEVE list. Feature Changes: Record query time for all dnstap responses. Optimize TCP source port selection on Linux. and m...

Topics%20covered

Topics Covered

security advisory fedora DoS memory leak bind9-next unbound reference

Change Log

* Wed Mar 25 2026 Petr Men\u0161k - 32:9.21.20-1 - Update to 9.21.20 (rhbz#2440560)

References


[ 1 ] Bug #2440560 - bind9-next-9.21.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=2440560 [ 2 ] Bug #2451573 - CVE-2026-3591 bind9-next: BIND: Unauthorized access due to use-after-return vulnerability in DNS query handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2451573

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-01c20fe8ca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: bind9-next
Product: Fedora 44
Version: 9.21.20
Release: 1.fc44
URL: https://www.isc.org/downloads/bind/
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server

Topics%20covered

Topics Covered

security advisory fedora DoS memory leak bind9-next unbound reference

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here