Alerts This Week
Warning Icon 1 975
Alerts This Week
Warning Icon 1 975

SUSE Unbound Important Security Threats Advisory 2026-21874-1

suse
Calendar Grey June 2, 2026
Dist Suse Esm H88
SUSE releases important security update for unbound addressing multiple vulnerabilities that could lead to serious risks.
An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).

Topics%20covered

Topics Covered

security advisory SuSE remote execution important DNS unbound

References

* bsc#1265578

* bsc#1265580

* bsc#1265581

* bsc#1265582

* bsc#1265583

* bsc#1265584

* bsc#1265585

* bsc#1265586

* bsc#1265587

* bsc#1265588

* bsc#1265589

Cross-

* CVE-2026-32792

* CVE-2026-33278

* CVE-2026-40622

* CVE-2026-41292

* CVE-2026-42534

* CVE-2026-42923

* CVE-2026-42944

* CVE-2026-42959

* CVE-2026-42960

* CVE-2026-44390

* CVE-2026-44608

CVSS scores:

* CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-32792 ( NVD ): 4.6

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

* CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21874-1
Release Date: 2026-05-28T15:01:59Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE remote execution important DNS unbound

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here