CVE-2025-40778

EUVD-2025-35581
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache.
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.47-1~deb12u1
fixed
bookworm (security)
1:9.18.49-1~deb12u1
fixed
bullseye
vulnerable
bullseye (security)
1:9.16.50-1~deb11u5
fixed
forky
1:9.20.22-1
fixed
sid
1:9.20.23-1
fixed
trixie
1:9.20.21-1~deb13u1
fixed
trixie (security)
1:9.20.23-1~deb13u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
bionic
needed
focal
Fixed 1:9.18.30-0ubuntu0.20.04.2+esm1
released
jammy
Fixed 1:9.18.39-0ubuntu0.22.04.2
released
noble
Fixed 1:9.18.39-0ubuntu0.24.04.2
released
plucky
Fixed 1:9.20.11-0ubuntu0.2
released
questing
Fixed 1:9.20.11-1ubuntu2.1
released
resolute
Fixed 1:9.20.11-1ubuntu3
released
trusty
needs-triage
xenial
needs-triage
isc-dhcp
bionic
needs-triage
focal
not-affected
jammy
not-affected
noble
needs-triage
plucky
ignored
questing
needs-triage
resolute
needs-triage
trusty
not-affected
xenial
not-affected
bind9-libs
focal
needs-triage
jammy
needs-triage
noble
dne
plucky
dne
questing
dne
resolute
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise sap 15 SP7
9.20.15-150700.3.12.1
fixed
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.56.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.32.1
fixed
suse enterprise server 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise server 15 SP7
9.20.15-150700.3.12.1
fixed
bind-chrootenv
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
bind-devel
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
bind-doc
suse enterprise sap 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise sap 15 SP7
9.20.15-150700.3.12.1
fixed
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.56.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.32.1
fixed
suse enterprise server 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise server 15 SP7
9.20.15-150700.3.12.1
fixed
bind-utils
suse enterprise desktop 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise desktop 15 SP7
9.20.15-150700.3.12.1
fixed
suse enterprise sap 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise sap 15 SP7
9.20.15-150700.3.12.1
fixed
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.56.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.32.1
fixed
suse enterprise server 15 SP6
9.18.33-150600.3.18.1
fixed
suse enterprise server 15 SP7
9.20.15-150700.3.12.1
fixed
libbind9-1600
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
libbind9-161
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libdns1110
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libdns1605
suse enterprise desktop 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.53.1
fixed
libirs-devel
suse enterprise desktop 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.53.1
fixed
libirs1601
suse enterprise desktop 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.53.1
fixed
libirs161
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libisc1107
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libisc1107-32bit
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libisc1606
suse enterprise desktop 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.53.1
fixed
libisccc1600
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
libisccc161
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libisccfg1600
suse enterprise desktop 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.53.1
fixed
libisccfg163
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
liblwres161
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
libns1604
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
python-bind
suse enterprise server 12 SP5
9.11.22-3.65.1
fixed
python3-bind
suse enterprise server 15 SP2
9.16.6-150000.12.85.1
fixed
suse enterprise server 15 SP3
9.16.6-150300.22.53.1
fixed
suse enterprise server 15 SP4
9.16.50-150400.5.56.1
fixed
suse enterprise server 15 SP5
9.16.50-150500.8.32.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bind
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-chroot
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-devel
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-dnssec-doc
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-dnssec-utils
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-doc
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-export-devel
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
bind-export-libs
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-libs
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-libs-lite
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-license
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind-lite-devel
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
bind-pkcs11
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-pkcs11-devel
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
bind-pkcs11-libs
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-pkcs11-utils
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-sdb
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
bind-sdb-chroot
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
bind-utils
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 8.6 AUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 E4S
32:9.11.36-3.el8_6.11
fixed
RHEL 8.6 TUS
32:9.11.36-3.el8_6.11
fixed
RHEL 8.8 E4S
32:9.11.36-8.el8_8.8
fixed
RHEL 8.8 TUS
32:9.11.36-8.el8_8.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
bind9.16
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.16-chroot
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.16-devel
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
bind9.16-dnssec-utils
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.16-doc
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
bind9.16-libs
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.16-license
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.16-utils
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.6 AUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 E4S
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.6 TUS
32:9.16.23-0.7.el8_6.9
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
bind9.18
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-chroot
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-devel
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-dnssec-utils
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-doc
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-libs
RHEL 9
32:9.18.29-5.el9_7.2
fixed
bind9.18-utils
RHEL 9
32:9.18.29-5.el9_7.2
fixed
python3-bind
RHEL 8
32:9.11.36-16.el8_10.6
fixed
RHEL 8.2 AUS
32:9.11.13-6.el8_2.11
fixed
RHEL 8.4 AUS
32:9.11.26-4.el8_4.8
fixed
RHEL 9
32:9.16.23-34.el9_7.1
fixed
python3-bind9.16
RHEL 8
32:9.16.23-0.22.el8_10.4
fixed
RHEL 8.8 E4S
32:9.16.23-0.14.el8_8.7
fixed
RHEL 8.8 TUS
32:9.16.23-0.14.el8_8.7
fixed
Common Weakness Enumeration
References
https://kb.isc.org/docs/cve-2025-40778
http://www.openwall.com/lists/oss-security/2025/10/22/1
https://gist.github.com/N3mes1s/f76b4a606308937b0806a5256bc1f918