Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Ubuntu: 6665-1 Unbound Critical Update For Denial Of Service Risk

ubuntu
Calendar Grey February 28, 2024
Dist Ubuntu Esm H88
Major security flaws have been resolved for Ubuntu versions 23.10, 22.04, and 20.04 LTS, along with instructions for implementing necessary updates.
Several security issues were fixed in Unbound.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Unbound. Software Description: - unbound: validating, recursive, caching DNS resolver Details: Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that Unbound incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50868)

Topics%20covered

Topics Covered

security advisory security update Ubuntu Denial of Service resource issue Unbound

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: libunbound8 1.17.1-2ubuntu0.1 unbound 1.17.1-2ubuntu0.1 Ubuntu 22.04 LTS: libunbound8 1.13.1-1ubuntu5.4 unbound 1.13.1-1ubuntu5.4 Ubuntu 20.04 LTS: libunbound8 1.9.4-2ubuntu1.5 unbound 1.9.4-2ubuntu1.5 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6665-1

CVE-2023-50387, CVE-2023-50868

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6665-1

Topics%20covered

Topics Covered

security advisory security update Ubuntu Denial of Service resource issue Unbound

Package Information

https://launchpad.net/ubuntu/+source/unbound/1.17.1-2ubuntu0.1 https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.4 https://launchpad.net/ubuntu/+source/unbound/1.9.4-2ubuntu1.5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here