CVE-2026-3592
EUVD-2026-3110620.05.2026, 13:16
BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| isc | bind | 9.11.0 ≤ 𝑥 ≤ 9.16.50 |
| isc | bind | 9.18.0 ≤ 𝑥 < 9.18.49 |
| isc | bind | 9.20.0 ≤ 𝑥 < 9.20.23 |
| isc | bind | 9.21.0 ≤ 𝑥 < 9.21.22 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bind |
| ||||||||||||
| bind-chrootenv |
| ||||||||||||
| bind-devel |
| ||||||||||||
| bind-doc |
| ||||||||||||
| bind-utils |
| ||||||||||||
| libbind9-161 |
| ||||||||||||
| libdns1110 |
| ||||||||||||
| libirs161 |
| ||||||||||||
| libisc1107 |
| ||||||||||||
| libisc1107-32bit |
| ||||||||||||
| libisccc161 |
| ||||||||||||
| libisccfg163 |
| ||||||||||||
| liblwres161 |
| ||||||||||||
| python-bind |
| ||||||||||||
| python3-bind |
|
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| bind |
| ||||
| bind-chroot |
| ||||
| bind-debuginfo |
| ||||
| bind-debugsource |
| ||||
| bind-devel |
| ||||
| bind-dnssec-utils |
| ||||
| bind-dnssec-utils-debuginfo |
| ||||
| bind-doc |
| ||||
| bind-export-devel |
| ||||
| bind-export-libs |
| ||||
| bind-libs |
| ||||
| bind-libs-debuginfo |
| ||||
| bind-libs-lite |
| ||||
| bind-license |
| ||||
| bind-lite-devel |
| ||||
| bind-pkcs11 |
| ||||
| bind-pkcs11-devel |
| ||||
| bind-pkcs11-libs |
| ||||
| bind-pkcs11-utils |
| ||||
| bind-sdb |
| ||||
| bind-sdb-chroot |
| ||||
| bind-utils |
| ||||
| bind-utils-debuginfo |
|
Common Weakness Enumeration