Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 25.10 Bind High Denial of Service Issues USN-8124-1

ubuntu
Calendar Grey March 25, 2026
Dist Ubuntu Esm H88
Multiple security issues were resolved in Bind affecting various Ubuntu releases, including a potential DoS risk.
Several security issues were fixed in Bind.

Summary

Several security issues were fixed in Bind.

Software Description:

- bind9: Internet Domain Name Server

Details:

Samy Medjahed discovered that Bind incorrectly handled insecure

delegation validation. A remote attacker could possibly use this issue to

cause excessive NSEC3 iterations, consuming CPU resources, and leading to a

denial of service. (CVE-2026-1519)

Vitaly Simonovich discovered that Bind incorrectly handled memory when

preparing DNSSEC proofs of non-existence. A remote attacker could possibly

use this issue to cause memory consumption, leading to a denial of service.

This issue only affected Ubuntu 25.10. (CVE-2026-3104)

Vitaly Simonovich discovered that Bind incorrectly handled authenticated

queries containing TKEY records. A remote attacker could possibly use this

issue to cause Bind to crash, resulting in a denial of service. This issue

only affected Ubuntu 25.10. (CVE-2026-3119)

It was discovered that Bind incorrectly handled DNS queries signed with

SIG(0). A rem...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  bind9                           1:9.20.11-1ubuntu2.2

Ubuntu 24.04 LTS
  bind9                           1:9.18.39-0ubuntu0.24.04.3

Ubuntu 22.04 LTS
  bind9                           1:9.18.39-0ubuntu0.22.04.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8124-1

CVE-2026-1519, CVE-2026-3104, CVE-2026-3119, CVE-2026-3591

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8124-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here