vulnerability
Oracle Linux: CVE-2025-40778: ELSA-2025-19793: bind9.16 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | Oct 22, 2025 | Nov 7, 2025 | Jan 9, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Oct 22, 2025
Added
Nov 7, 2025
Modified
Jan 9, 2026
Description
A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers.
Solutions
oracle-linux-upgrade-bindoracle-linux-upgrade-bind9-16oracle-linux-upgrade-bind9-16-chrootoracle-linux-upgrade-bind9-16-develoracle-linux-upgrade-bind9-16-dnssec-utilsoracle-linux-upgrade-bind9-16-docoracle-linux-upgrade-bind9-16-libsoracle-linux-upgrade-bind9-16-licenseoracle-linux-upgrade-bind9-16-utilsoracle-linux-upgrade-bind9-18oracle-linux-upgrade-bind9-18-chrootoracle-linux-upgrade-bind9-18-develoracle-linux-upgrade-bind9-18-dnssec-utilsoracle-linux-upgrade-bind9-18-docoracle-linux-upgrade-bind9-18-libsoracle-linux-upgrade-bind9-18-utilsoracle-linux-upgrade-bind-chrootoracle-linux-upgrade-bind-develoracle-linux-upgrade-bind-dnssec-docoracle-linux-upgrade-bind-dnssec-utilsoracle-linux-upgrade-bind-docoracle-linux-upgrade-bind-export-develoracle-linux-upgrade-bind-export-libsoracle-linux-upgrade-bind-libsoracle-linux-upgrade-bind-libs-liteoracle-linux-upgrade-bind-licenseoracle-linux-upgrade-bind-lite-develoracle-linux-upgrade-bind-pkcs11oracle-linux-upgrade-bind-pkcs11-develoracle-linux-upgrade-bind-pkcs11-libsoracle-linux-upgrade-bind-pkcs11-utilsoracle-linux-upgrade-bind-sdboracle-linux-upgrade-bind-sdb-chrootoracle-linux-upgrade-bind-utilsoracle-linux-upgrade-python3-bindoracle-linux-upgrade-python3-bind9-16
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.