CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use.
This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
iscCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Debian logo
Debian Releases
Debian Product
Codename
bind9
bullseye
vulnerable
bullseye (security)
1:9.16.50-1~deb11u4
fixed
bookworm
vulnerable
bookworm (security)
1:9.18.41-1~deb12u1
fixed
trixie (security)
1:9.20.15-1~deb13u1
fixed
trixie
1:9.20.15-1~deb13u1
fixed
forky
1:9.20.15-2
fixed
sid
1:9.20.15-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
questing
Fixed 1:9.20.11-1ubuntu2.1
released
plucky
Fixed 1:9.20.11-0ubuntu0.2
released
noble
Fixed 1:9.18.39-0ubuntu0.24.04.2
released
jammy
Fixed 1:9.18.39-0ubuntu0.22.04.2
released
focal
Fixed 1:9.18.30-0ubuntu0.20.04.2+esm1
released
bionic
needed
xenial
needs-triage
trusty
needs-triage
isc-dhcp
questing
needs-triage
plucky
needs-triage
noble
needs-triage
jammy
not-affected
focal
not-affected
bionic
needs-triage
xenial
not-affected
trusty
not-affected
bind9-libs
questing
dne
plucky
dne
noble
dne
jammy
needs-triage
focal
needs-triage
Common Weakness Enumeration
References
https://kb.isc.org/docs/cve-2025-40780
http://www.openwall.com/lists/oss-security/2025/10/22/1