Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 12 articles for you...
100
security advisorymoderateupdateSUSE Linux 19.0 SecureWeb Major Risk HTTP Resource Manipulation Flaw
An update that solves one vulnerability can now be installed.. # Security update for unbound Announcement ID: SUSE-SU-2026:20201-1 Release Date: 2026-01-30T10:05:07Z Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: Update to 1.24.1: * CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-224=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-224=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * python3-unbound-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-debugsource-1.24.1-160000.1.1 * unbound-devel-1.24.1-160000.1.1 * python3-unbound-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * unbound-1.24.1-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) *python3-unbound-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-debugsource-1.24.1-160000.1.1 * unbound-devel-1.24.1-160000.1.1 * python3-unbound-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * unbound-1.24.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 . Critical security update for unbound addresses potential domain hijacking. Install recommended patches now.. SUSE Linux, Security Update, Unbound, Domain Hijacking, Patch Installation. . LinuxSecurity.com Team
Feb 03, 2026
SuSE
202
security advisorymoderatesecurity updateopenSUSE Leap 16.0 unbound Moderate Domain Hijacking Vuln 2026-20139-1
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for unbound ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20139-1 Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-224=1 Package List: - openSUSE Leap 16.0: libunbound8-1.24.1-160000.1.1 python3-unbound-1.24.1-160000.1.1 unbound-1.24.1-160000.1.1 unbound-anchor-1.24.1-160000.1.1 unbound-devel-1.24.1-160000.1.1 unbound-munin-1.24.1-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2025-11411.html . Update available for unbound in openSUSE Leap 16.0 addressing domain hijacking risk and bug fix. Apply to enhance security.. openSUSE unbound update domain hijacking bug fix. . LinuxSecurity.com Team
Feb 03, 2026
OpenSUSE
100
security advisorymoderateSuSESUSE Linux Micro 6.2 Unbound Moderate Domain Hijacking 2026-20180-1
An update that solves one vulnerability can now be installed.. # Security update for unbound Announcement ID: SUSE-SU-2026:20180-1 Release Date: 2026-01-30T10:02:19Z Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: Update to 1.24.1: * CVE-2025-11411: Fixed possible domain hijacking attack (bsc#1252525). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-224=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * unbound-debugsource-1.24.1-160000.1.1 * libunbound8-debuginfo-1.24.1-160000.1.1 * libunbound8-1.24.1-160000.1.1 * unbound-anchor-debuginfo-1.24.1-160000.1.1 * unbound-debuginfo-1.24.1-160000.1.1 * unbound-anchor-1.24.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 . SUSE update fixes moderate domain hijacking flaw in unbound. Ensure your systems are fully protected and patched.. SUSE update unbound security moderate CVE-2025-11411. . LinuxSecurity.com Team
Feb 02, 2026
SuSE
100
security advisorymoderateSuSESUSE: Important Advisory on Domain Hijacking Fix CVE-2025-11411
An update that solves one vulnerability can now be installed.. # Security update for unbound Announcement ID: SUSE-SU-2025:4391-1 Release Date: 2025-12-15T10:34:11Z Rating: moderate References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: * CVE-2025-11411: Fixed domain hijacking due to promiscuous records (bsc#1252525) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4391=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * unbound-anchor-1.20.0-150100.10.22.1 * libunbound8-1.20.0-150100.10.22.1 * unbound-debuginfo-1.20.0-150100.10.22.1 * unbound-debugsource-1.20.0-150100.10.22.1 * libunbound8-debuginfo-1.20.0-150100.10.22.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 . SUSE releases a moderate security update for unbound to address domain hijacking risks. Patch immediately to mitigate threats.. SUSE Linux, Unbound Update, Moderate Severity, Security Patch. . LinuxSecurity.com Team
Dec 15, 2025
SuSE
203
security advisorysecurity issueimportantMageia 9: Unbound Important Domain Hijacking Advisory MGASA-2025-0318
MGASA-2025-0318 - Updated unbound packages fix security vulnerabilities. MGASA-2025-0318 - Updated unbound packages fix security vulnerabilities Publication date: 04 Dec 2025 URL: https://advisories.mageia.org/MGASA-2025-0318.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-11411 Description: Possible domain hijacking via promiscuous records in the authority section. (CVE-2025-11411). Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete. References: - https://bugs.mageia.org/show_bug.cgi?id=34785 - https://advisories.mageia.org/MGASA-2025-0273.html - https://www.openwall.com/lists/oss-security/2025/11/26/4 - https://www.cve.org/CVERecord?id=CVE-2025-11411 SRPMS: - 9/core/unbound-1.24.2-1.mga9 . Updated unbound packages in Mageia 9 resolve important security issues, preventing domain hijacking vulnerabilities.. Mageia Unbound Security Domain Hijacking Advisory. . Severity: Important. LinuxSecurity.com Team
Dec 05, 2025
•Important
Mageia
172
security advisorycriticalUbuntuUbuntu 25.10: Unbound Critical Regression Fix CVE-2025-11411 USN-7855-2
USN-7855-1 introduced a regression in Unbound. ========================================================================== Ubuntu Security Notice USN-7855-2 December 02, 2025 unbound regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: USN-7855-1 introduced a regression in Unbound Software Description: - unbound: validating, recursive, caching DNS resolver Details: USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix for CVE-2025-11411 was incomplete. This update fixes the problem. Original advisory details: Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Unbound incorrectly handled certain promiscuous NS RRSets. A remote attacker could possibly use this issue to perform a domain hijack attack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libunbound8 1.22.0-2ubuntu2.2 unbound 1.22.0-2ubuntu2.2 Ubuntu 25.04 libunbound8 1.22.0-1ubuntu1.3 unbound 1.22.0-1ubuntu1.3 Ubuntu 24.04 LTS libunbound8 1.19.2-1ubuntu3.7 unbound 1.19.2-1ubuntu3.7 Ubuntu 22.04 LTS libunbound8 1.13.1-1ubuntu5.14 unbound 1.13.1-1ubuntu5.14 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7855-2 https://ubuntu.com/security/notices/USN-7855-1 CVE-2025-11411, https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/2133715 Package Information: https://launchpad.net/ubuntu/+source/unbound/1.22.0-2ubuntu2.2 https://launchpad.net/ubuntu/+source/unbound/1.22.0-1ubuntu1.3 https://launchpad.net/ubuntu/+source/unbound/1.19.2-1ubuntu3.7 https://launchpad.net/ubuntu/+source/unbound/1.13.1-1ubuntu5.14 . Unbound in Ubuntu faces a critical regression issue affecting multiple releases, requiring immediate updates.. unbound security, Ubuntu update, domain hijacking, Linux advisory, regression fix. . Severity: Critical. LinuxSecurity.com Team
Dec 02, 2025
•Critical
Ubuntu
100
security advisorysecurity fiximportantSUSE: unbound Important Domain Hijacking Fix CVE-2025-11411 2025:21065-1
* bsc#1252525 Cross-References: * CVE-2025-11411 . # Security update for unbound Announcement ID: SUSE-SU-2025:21065-1 Release Date: 2025-11-26T14:25:40Z Rating: important References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: * CVE-2025-11411: Fixed promiscuous records leading to domain hijacking (bsc#1252525) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-343=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * unbound-anchor-1.22.0-slfo.1.1_3.1 * libunbound8-1.22.0-slfo.1.1_3.1 * libunbound8-debuginfo-1.22.0-slfo.1.1_3.1 * unbound-anchor-debuginfo-1.22.0-slfo.1.1_3.1 * unbound-debugsource-1.22.0-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 . Critical security update for unbound addresses domain hijacking, rated important for SUSE Linux Micro systems.. unbound security fix,SUSE Linux Micro update,domain hijack risk. . Severity: Important. LinuxSecurity.com Team
Nov 27, 2025
•Important
SuSE
100
security advisorySuSEpatchSUSE Micro: Unbound Important Domain Hijacking Advisory CVE-2025-11411
* bsc#1252525 Cross-References: * CVE-2025-11411 . # Security update for unbound Announcement ID: SUSE-SU-2025:21050-1 Release Date: 2025-11-20T11:36:10Z Rating: important References: * bsc#1252525 Cross-References: * CVE-2025-11411 CVSS scores: * CVE-2025-11411 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:L * CVE-2025-11411 ( SUSE ): 6.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2025-11411 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: * CVE-2025-11411: Fixed promiscuous records leading to domain hijacking (bsc#1252525) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-526=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * unbound-anchor-1.22.0-2.1 * libunbound8-debuginfo-1.22.0-2.1 * libunbound8-1.22.0-2.1 * unbound-debugsource-1.22.0-2.1 * unbound-anchor-debuginfo-1.22.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11411.html * https://bugzilla.suse.com/show_bug.cgi?id=1252525 . Critical update for SUSE Micro addressing important vulnerability in Unbound to prevent domain hijacking.. SUSE Micro Unbound Update Domain Hijacking Security. . Severity: Important. LinuxSecurity.com Team
Nov 27, 2025
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!