SUSE Unbound Critical Buffer Overflow Security Flaw 2026-2281-1

suse

June 5, 2026

An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).

Topics Covered

security advisory remote code execution important service degradation OpenSUSE unbound

References

* bsc#1265578

* bsc#1265580

* bsc#1265581

* bsc#1265582

* bsc#1265583

* bsc#1265584

* bsc#1265585

* bsc#1265586

* bsc#1265587

* bsc#1265588

* bsc#1265589

Cross-

* CVE-2026-32792

* CVE-2026-33278

* CVE-2026-40622

* CVE-2026-41292

* CVE-2026-42534

* CVE-2026-42923

* CVE-2026-42944

* CVE-2026-42959

* CVE-2026-42960

* CVE-2026-44390

* CVE-2026-44608

CVSS scores:

* CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-32792 ( NVD ): 4.6

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

* CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2026:2281-1

Release Date: 2026-06-05T12:12:48Z

Rating: important

Topics Covered

security advisory remote code execution important service degradation OpenSUSE unbound

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Unbound Critical Buffer Overflow Security Flaw 2026-2281-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Unbound Critical Buffer Overflow Security Flaw 2026-2281-1

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!