Alerts This Week
Warning Icon 1 815
Alerts This Week
Warning Icon 1 815

SUSE Unbound Security Update Advisory 2026-22160-1 Remote Code Exec Risks

suse
Calendar Grey June 23, 2026
Dist Suse Esm H88
Stay updated with the latest security patch for SUSE addressing important vulnerabilities in Unbound. Act now!
An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).

Topics%20covered

Topics Covered

security advisory SuSE remote code execution important service degradation unbound

References

* bsc#1265578

* bsc#1265580

* bsc#1265581

* bsc#1265582

* bsc#1265583

* bsc#1265584

* bsc#1265585

* bsc#1265586

* bsc#1265587

* bsc#1265588

* bsc#1265589

Cross-

* CVE-2026-32792

* CVE-2026-33278

* CVE-2026-40622

* CVE-2026-41292

* CVE-2026-42534

* CVE-2026-42923

* CVE-2026-42944

* CVE-2026-42959

* CVE-2026-42960

* CVE-2026-44390

* CVE-2026-44608

CVSS scores:

* CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-32792 ( NVD ): 4.6

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

* CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:22160-1
Release Date: 2026-06-18T14:31:02Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE remote code execution important service degradation unbound

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here