AZL-75074

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75074.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-75074

Upstream

CVE-2025-13878

Published

2026-01-21T15:16:05Z

Modified

2026-04-21T04:38:50.628530Z

Summary

CVE-2025-13878 affecting package bind for versions less than 9.20.18-1

Details

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-13878

Affected packages

Azure Linux:3 / bind

Package

Name: bind
Purl: pkg:rpm/azure-linux/bind

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.20.18-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-75074.json"