ALSA-2025:21034

See a problem?
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2025:21034
Related
  • CVE-2025-40778
  • CVE-2025-40780
  • CVE-2025-8677
Published
2025-11-11T00:00:00Z
Modified
2026-02-04T03:04:36.880154Z
Summary
Important: bind security update
Details

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
  • bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
  • bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:10
bind

Package

Name
bind
Purl
pkg:rpm/almalinux/bind

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-chroot

Package

Name
bind-chroot
Purl
pkg:rpm/almalinux/bind-chroot

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-devel

Package

Name
bind-devel
Purl
pkg:rpm/almalinux/bind-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-dnssec-utils

Package

Name
bind-dnssec-utils
Purl
pkg:rpm/almalinux/bind-dnssec-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-doc

Package

Name
bind-doc
Purl
pkg:rpm/almalinux/bind-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-libs

Package

Name
bind-libs
Purl
pkg:rpm/almalinux/bind-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-license

Package

Name
bind-license
Purl
pkg:rpm/almalinux/bind-license

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"
bind-utils

Package

Name
bind-utils
Purl
pkg:rpm/almalinux/bind-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
32:9.18.33-10.el10_1.2

Database specific

source 
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:21034.json"