ALSA-2025:19950

See a problem?
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2025:19950
Related
  • CVE-2025-40778
  • CVE-2025-40780
  • CVE-2025-8677
Published
2025-11-10T00:00:00Z
Modified
2026-02-04T02:50:22.425803Z
Summary
Important: bind9.18 security update
Details

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.

Security Fix(es):

  • bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
  • bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
  • bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9
bind9.18

Package

Name
bind9.18
Purl
pkg:rpm/almalinux/bind9.18

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-chroot

Package

Name
bind9.18-chroot
Purl
pkg:rpm/almalinux/bind9.18-chroot

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-devel

Package

Name
bind9.18-devel
Purl
pkg:rpm/almalinux/bind9.18-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-dnssec-utils

Package

Name
bind9.18-dnssec-utils
Purl
pkg:rpm/almalinux/bind9.18-dnssec-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-doc

Package

Name
bind9.18-doc
Purl
pkg:rpm/almalinux/bind9.18-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-libs

Package

Name
bind9.18-libs
Purl
pkg:rpm/almalinux/bind9.18-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"
bind9.18-utils

Package

Name
bind9.18-utils
Purl
pkg:rpm/almalinux/bind9.18-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.29-4.el9_6.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2025:19950.json"