Ubuntu 20.04: Bind Important Denial of Service Cache Poisoning USN-7836-2

November 12, 2025
Critical updates fixed several issues in Bind for Ubuntu 20.04, addressing remote attacks and potential system compromise.
Several security issues were fixed in Bind.

Summary

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary: Several security issues were fixed in Bind.

Software Description:

- bind9: Internet Domain Name Server

Details: USN-7836-1 fixed vulnerabilities in Bind. This update provides the corresponding fixes for Ubuntu 20.04 LTS.

Original advisory details:

Zuyao Xu and Xiang Li discovered that Bind incorrectly handled certain malformed DNSKEY records. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. (CVE-2025-8677)

Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Bind incorrectly accepted certain records from answers. A remote attacker could possibly use this issue to perform a cache poisoning attack. (CVE-2025-40778)

Amit Klein and Omer Ben Simhon discovered that Bind used a weak PRNG. A remote attacker could possibly use this issue to perform a cache poisoning attack. (CVE-2025-40780)

Update Instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS

- bind9 1:9.18.30-0ubuntu0.20.04.2+esm1 (Available with Ubuntu Pro)

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7836-2

https://ubuntu.com/security/notices/USN-7836-1

CVE-2025-40778, CVE-2025-40780, CVE-2025-8677

Severity
important

Ubuntu Security Notice USN-7836-2
