SUSE 15 SP7 bind Important Fix for CVE-2025-13878 Denial of Service

suse

January 30, 2026

An update that solves one vulnerability can now be installed.

Summary

## This update for bind fixes the following issues: Upgrade to release 9.20.18: * CVE-2025-13878: Fixed incorrect length checks for BRID and HHIT records (bsc#1256997) Feature Changes: * Add more information to the rndc recursing output about fetches. * Reduce the number of outgoing queries. * Provide more information when memory allocation fails. Bug Fixes: * Make DNSSEC key rollovers more robust. * Fix a catalog zone issue, where member zones could fail to load. * Allow glue in delegations with QTYPE=ANY. * Fix slow speed when signing a large delegation zone with NSEC3 opt- out. * Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid. * Fix a possible catalog zone issue during reconfiguration. * Fix the charts in the statistics channel. * Adding NSEC3 opt-out records could leave

Topics Covered

security advisory denial of service SuSE bind important

References

* bsc#1256997

Cross-

* CVE-2025-13878

CVSS scores:

* CVE-2025-13878 ( SUSE ): 8.7

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-13878 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-13878 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7

* Server Applications Module 15-SP7

* SUSE Linux Enterprise Desktop 15 SP7

* SUSE Linux Enterprise Real Time 15 SP7

* SUSE Linux Enterprise Server 15 SP7

* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

* https://www.suse.com/security/cve/CVE-2025-13878.html

* https://bugzilla.suse.com/show_bug.cgi?id=1256997

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2026:0348-1

Release Date: 2026-01-30T11:17:08Z

Rating: important

Topics Covered

security advisory denial of service SuSE bind important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE 15 SP7 bind Important Fix for CVE-2025-13878 Denial of Service

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE 15 SP7 bind Important Fix for CVE-2025-13878 Denial of Service

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!