Unbound Issues in Ubuntu Versions 22.04 24.04 25.10 26.04 Cause DoS RCE

ubuntu

May 20, 2026

Several security issues were fixed in Unbound.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in Unbound. Software Description: - unbound: validating, recursive, caching DNS resolver Details: Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. (CVE-2026-32792) Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certain situations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-33278) Qifan Zhang discovered that Unbound incorrectly handled certain ghost domain name records. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu...

Read the Full Advisory

Topics Covered

security advisory denial of service critical remote code execution Ubuntu unbound

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libunbound8 1.24.2-1ubuntu2.1 unbound 1.24.2-1ubuntu2.1 Ubuntu 25.10 libunbound8 1.22.0-2ubuntu2.3 unbound 1.22.0-2ubuntu2.3 Ubuntu 24.04 LTS libunbound8 1.19.2-1ubuntu3.8 unbound 1.19.2-1ubuntu3.8 Ubuntu 22.04 LTS libunbound8 1.13.1-1ubuntu5.15 unbound 1.13.1-1ubuntu5.15 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8282-1

CVE-2026-32792, CVE-2026-33278, CVE-2026-40622, CVE-2026-41292,

CVE-2026-42534, CVE-2026-42923, CVE-2026-42944, CVE-2026-42959,

CVE-2026-42960, CVE-2026-44390, CVE-2026-44608

Severity

critical

Lowest

Low

Medium

High

Critical

Ubuntu Security Notice USN-8282-1

Topics Covered

security advisory denial of service critical remote code execution Ubuntu unbound

Package Information

https://launchpad.net/ubuntu/+source/unbound/1.24.2-1ubuntu2.1 https://launchpad.net/ubuntu/+source/unbound/1.22.0-2ubuntu2.3 https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubuntu3.8 https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.15

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Unbound Issues in Ubuntu Versions 22.04 24.04 25.10 26.04 Cause DoS RCE

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Unbound Issues in Ubuntu Versions 22.04 24.04 25.10 26.04 Cause DoS RCE

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!