Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Ubuntu 25.10: Unbound Critical Regression Fix CVE-2025-11411 USN-7855-2

ubuntu
Calendar Grey December 2, 2025
Dist Ubuntu Esm H88
Unbound in Ubuntu faces a critical regression issue affecting multiple releases, requiring immediate updates.
USN-7855-1 introduced a regression in Unbound

Summary

USN-7855-1 introduced a regression in Unbound

Software Description:

- unbound: validating, recursive, caching DNS resolver

Details:

USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix

for CVE-2025-11411 was incomplete. This update fixes the problem.

Original advisory details:

Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that

Unbound incorrectly handled certain promiscuous NS RRSets. A remote

attacker could possibly use this issue to perform a domain hijack attack.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libunbound8                     1.22.0-2ubuntu2.2
  unbound                         1.22.0-2ubuntu2.2

Ubuntu 25.04
  libunbound8                     1.22.0-1ubuntu1.3
  unbound                         1.22.0-1ubuntu1.3

Ubuntu 24.04 LTS
  libunbound8                     1.19.2-1ubuntu3.7
  unbound                         1.19.2-1ubuntu3.7

Ubuntu 22.04 LTS
  libunbound8                     1.13.1-1ubuntu5.14
  unbound                         1.13.1-1ubuntu5.14

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7855-2

https://ubuntu.com/security/notices/USN-7855-1

CVE-2025-11411, https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/2133715

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7855-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.