Alerts This Week
Warning Icon 1 1,039
Alerts This Week
Warning Icon 1 1,039

Ubuntu 20.04 Unbound Critical Denial of Service Issues USN-8282-2

ubuntu
Calendar Grey June 2, 2026
Dist Ubuntu Esm H88
Several security issues addressed in Unbound for Ubuntu 14.04 to 20.04 LTS. Immediate update recommended for users.
Several security issues were fixed in Unbound.

Summary

Several security issues were fixed in Unbound.

Software Description:

- unbound: validating, recursive, caching DNS resolver

Details:

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the

corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu

20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu

16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

Original advisory details:

Andrew Griffiths discovered that Unbound did not properly handle certain

DNSCrypt packets. A remote attacker could possibly use this issue to cause

Unbound to crash, resulting in a denial of service. (CVE-2026-32792)

Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation

in certain situations. A remote attacker could possibly use this issue to

execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, Ubuntu

25.10, and Ubuntu 26.04 LTS. (CVE-2026-33278)

Qifan Zhang discovered that Unbound incorrectly handled certain ghost

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service update Ubuntu CVE unbound

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  libunbound8                     1.9.4-2ubuntu1.11+esm1
                                  Available with Ubuntu Pro
  unbound                         1.9.4-2ubuntu1.11+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libunbound2                     1.6.7-1ubuntu2.6+esm4
                                  Available with Ubuntu Pro
  unbound                         1.6.7-1ubuntu2.6+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libunbound2                     1.5.8-1ubuntu1.1+esm3
                                  Available with Ubuntu Pro
  unbound                         1.5.8-1ubuntu1.1+esm3
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  libunbound2                     1.4.22-1ubuntu4.14.04.3+esm3
                                  Available with Ubuntu Pro
  unbound                         1.4.22-1ubuntu4.14.04.3+esm3
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8282-2

https://ubuntu.com/security/notices/USN-8282-1

CVE-2026-41292, CVE-2026-42959, CVE-2026-42960

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8282-2

Topics%20covered

Topics Covered

security advisory denial of service update Ubuntu CVE unbound

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here