"CVE-2026-3104 is described as a memory leak issue impacting code preparing DNSSEC proofs of non-existence. This can cause unbounded growth of Resident Set Size (RSS) memory, which may lead to an out-of-memory condition."
"CVE-2026-1519 can lead to high CPU consumption when the resolver encounters a maliciously crafted zone during DNSSEC validation, potentially decreasing the number of handled queries."
"The first medium-severity flaw addressed is CVE-2026-3119, which could lead to unexpected named termination during the processing of a query containing a TKEY record."
"CVE-2026-3591 is a use-after-return flaw in SIG(0) handling code that could lead to ACL bypass, exploitable via specially crafted DNS requests."
ISC has released updates for BIND 9 to address four vulnerabilities, including two high-severity issues. CVE-2026-3104 is a memory leak affecting DNSSEC proofs, potentially causing out-of-memory conditions. CVE-2026-1519 can lead to high CPU usage during DNSSEC validation, impacting query handling. Two medium-severity flaws, CVE-2026-3119 and CVE-2026-3591, could cause unexpected terminations and ACL bypass, respectively. Patches are available in several BIND versions, and ISC is unaware of any exploitation of these vulnerabilities.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]