Alerts This Week
Warning Icon 1 1,102
Alerts This Week
Warning Icon 1 1,102

Ubuntu 26.04 LTS NSD Critical Buffer Overflow and DoS Alert 8474-1

ubuntu
Calendar Grey June 25, 2026
Dist Ubuntu Esm H88
NSD on Ubuntu contains critical issues leading to potential remote exploits. Apply necessary updates to strengthen security.
NSD could be made to crash or run programs if it received specially crafted network traffic.

Summary

NSD could be made to crash or run programs if it received specially

crafted network traffic.

Software Description:

- nsd: Several security issues were fixed in NSD, including a stack-based buffer overflow in APL resource record handling, a heap overflow in SVCB resource record handling, a use-after-free in TLS connection error logging, and a TLS authentication bypass for zone transfers.

Details:

It was discovered that NSD incorrectly handled APL resource records with an

address length larger than permitted for the address family. A remote attacker

could use this to cause a stack-based buffer overflow when the zone is written

to disk, potentially executing arbitrary code with the privileges of the NSD

server. (CVE-2026-12246)

It was discovered that NSD incorrectly handled SVCB resource records. A remote

attacker could use this to cause a heap overflow, potentially executing

arbitrary code with the privileges of the NSD server. This issue only affected

Ubuntu 26.04 LTS. (CVE-2026...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu heap overflow stack overflow

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  nsd                             4.14.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 24.04 LTS
  nsd                             4.8.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  nsd                             4.3.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  nsd                             4.1.26-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  nsd                             4.1.17-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  nsd                             4.1.7-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  nsd3                            4.1.7-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8474-1

CVE-2026-12244, CVE-2026-12245, CVE-2026-12246, CVE-2026-12490

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8474-1

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu heap overflow stack overflow

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here