Alerts This Week
Warning Icon 1 840
Alerts This Week
Warning Icon 1 840

SUSE 2026-2369-1 Unbound Important Service Degradation Threat

suse
Calendar Grey June 11, 2026
Dist Suse Esm H88
Critical updates enhance unbound's reliability by addressing multiple security flaws across SUSE versions. Update now!
An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).

Topics%20covered

Topics Covered

security advisory SuSE remote code execution important unbound degradation of service

References

* bsc#1265578

* bsc#1265580

* bsc#1265581

* bsc#1265582

* bsc#1265583

* bsc#1265584

* bsc#1265585

* bsc#1265586

* bsc#1265587

* bsc#1265588

* bsc#1265589

Cross-

* CVE-2026-32792

* CVE-2026-33278

* CVE-2026-40622

* CVE-2026-41292

* CVE-2026-42534

* CVE-2026-42923

* CVE-2026-42944

* CVE-2026-42959

* CVE-2026-42960

* CVE-2026-44390

* CVE-2026-44608

CVSS scores:

* CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-32792 ( NVD ): 4.6

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

* CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2369-1
Release Date: 2026-06-11T12:22:56Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE remote code execution important unbound degradation of service

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here