CVE-2025-40776
Published: July 17, 2025Last modified: July 18, 2025
Description
A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.6 |
Attack Vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
User interaction | NONE |
Scope | CHANGED |
Confidentiality | NONE |
Integrity impact | HIGH |
Availability impact | NONE |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
Notes
This affects the subscription edition versions of the BIND 9 (-S suffix in the versions).
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | 23 LTS | bind | Not affected (9.18.11-r0) |
Stream | bind | Not affected (9.18.16-r0) |