Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 7080-1: Unbound Security Advisory Updates

ubuntu
Calendar Grey October 22, 2024
Dist Ubuntu Esm H88
Unbound may cease operation with crafted DNS traffic. Fix by updating to the latest package versions provided.
Unbound could be made to stop responding if it received specially crafted DNS traffic.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Unbound could be made to stop responding if it received specially crafted DNS traffic. Software Description: - unbound: validating, recursive, caching DNS resolver Details: Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses.

Topics%20covered

Topics Covered

No topics assigned

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10   libunbound8                     1.20.0-1ubuntu2.1   unbound                         1.20.0-1ubuntu2.1 Ubuntu 24.04 LTS   libunbound8                     1.19.2-1ubuntu3.3   unbound                         1.19.2-1ubuntu3.3 Ubuntu 22.04 LTS   libunbound8                     1.13.1-1ubuntu5.8   unbound                         1.13.1-1ubuntu5.8 Ubuntu 20.04 LTS   libunbound8                     1.9.4-2ubuntu1.9   unbound                         1.9.4-2ubuntu1.9 Ubuntu 18.04 LTS   libunbound2                     1.6.7-1ubuntu2.6+esm3                                   Available with Ubuntu Pro   unbound                         1.6.7-1ubuntu2.6+esm3                                   Available with Ubuntu Pro Ubuntu 16.04 LTS   libunbound2                     1.5.8-1ubuntu1.1+esm2                                   Available with Ubuntu Pro   unbound                         1.5.8-1ubuntu1.1+esm2                                   Available with Ubuntu Pro Ubuntu 14.04 LTS   libunbound2                     1.4.22-1ubuntu4.14.04.3+esm2                                   Available with Ubuntu Pro   unbound                         1.4.22-1ubuntu4.14.04.3+esm2                                   Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7080-1

  CVE-2024-8508

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7080-1

Topics%20covered

Topics Covered

No topics assigned

Package Information

  https://launchpad.net/ubuntu/+source/unbound/1.20.0-1ubuntu2.1     https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.8   https://launchpad.net/ubuntu/+source/unbound/1.9.4-2ubuntu1.9

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here