CVE-2025-40776

Name
CVE-2025-40776
Description
A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.
NVD Severity
high
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vendor-advisory https://kb.isc.org/docs/cve-2025-40776

Match rules

CPE URI Source package Min version Max version
bind-9 >= 9.11.3-S1 <= 9.16.50-S1
bind-9 >= 9.18.11-S1 <= 9.18.37-S1
bind-9 >= 9.20.9-S1 <= 9.20.10-S1
bind-9 >= 9.0.0 <= 9.20.10

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
bind edge-main 9.20.11-r0 Mike Crute <mike@crute.us> fixed
bind 3.22-main 9.20.11-r0 Mike Crute <mike@crute.us> fixed