CVE-2025-13878
EUVD-2026-359921.01.2026, 15:16
Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bind9 |
| ||||||||||||||
| bind9-libs |
| ||||||||||||||
| isc-dhcp |
|
openSUSE / SLES Releases
Common Weakness Enumeration
- CWE-617 - Reachable AssertionThe product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
- CWE-1286 - Improper Validation of Syntactic Correctness of InputThe product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.
References