PT-2025-43065 · Nlnet+7 · Unbound+7

Baojun Liu

Published

2025-10-22

Updated

2026-05-20

CVE-2025-11411

CVSS v4.0

7.1

High

Vector

AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions up to and including 1.24.0

Description Unbound is susceptible to domain hijack attacks through the manipulation of DNS responses. Specifically, maliciously crafted NS Resource Record Sets (RRSets) included in replies can cause the resolver to update its delegation information, potentially leading to a zone transfer. An attacker could exploit this by injecting NS RRSets, possibly through packet spoofing or fragmentation attacks, causing Unbound to update its existing NS RRSet data due to the perceived trustworthiness of the injected information.

Recommendations Update to version 1.24.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-349

Related Identifiers

ALSA-2026:18556

ALSA-2026:18931

ALT-PU-2025-13416

ALT-PU-2025-13420

ALT-PU-2025-13472

ALT-PU-2025-15076

ALT-PU-2025-15078

AZL-68675

AZL-68796

BDU:2026-03595

CVE-2025-11411

DLA-4365-1

DLA-4365-2

DSA-6071-1

ECHO-9E2A-1638-B83E

FREEBSD-SA-25_10

MGASA-2025-0273

MGASA-2025-0318

OESA-2025-2687

OPENSUSE-SU-2025:15668-1

OPENSUSE-SU-2026:20139-1

RHSA-2026:7645

SUSE-SU-2025:21050-1

SUSE-SU-2025:21065-1

SUSE-SU-2025:4134-1

SUSE-SU-2025:4391-1

SUSE-SU-2025_4134-1

SUSE-SU-2026:20180-1

SUSE-SU-2026:20201-1

USN-7855-1

USN-7855-2

Affected Products

Alt Linux

Debian

Freebsd

Linuxmint

Red Os

Suse

Ubuntu

Unbound

PT-2025-43065 · Nlnet+7 · Unbound+7

CVE-2025-11411

Weakness Enumeration

Related Identifiers

Affected Products

References · 88