PT-2025-43372 · Isc +9 · Bind +9
Published
2025-10-22
·
Updated
2025-12-31
·
CVE-2025-40778
CVSS v3.1
8.6
8.6
High
| Base vector | Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
BIND versions 9.11.0 through 9.16.50
BIND versions 9.18.0 through 9.18.39
BIND versions 9.20.0 through 9.20.13
BIND versions 9.21.0 through 9.21.12
BIND Supported Preview Edition versions 9.11.3-S1 through 9.16.50-S1
BIND Supported Preview Edition versions 9.18.11-S1 through 9.18.39-S1
BIND Supported Preview Edition versions 9.20.9-S1 through 9.20.13-S1
Description
BIND is susceptible to a cache poisoning issue where it improperly handles DNS responses, allowing attackers to inject forged data into the cache. This can lead to redirection of users to malicious sites without their knowledge, potentially enabling phishing attacks, credential theft, and malware distribution. A proof-of-concept exploit is publicly available. Over 706,000 systems and potentially up to 5,900 exposed instances are estimated to be vulnerable. The issue occurs when BIND accepts unsolicited resource records, violating standard DNS security principles. The vulnerability allows off-path attackers to manipulate DNS resolution, potentially redirecting traffic to attacker-controlled infrastructure. The
forwardersRecommendations
Upgrade to BIND version 9.18.41
Upgrade to BIND version 9.20.15
Upgrade to BIND version 9.21.14 or later
Upgrade to BIND Supported Preview Edition version 9.18.41-S1
Upgrade to BIND Supported Preview Edition version 9.20.15-S1
Restrict recursion to trusted clients
Enable DNSSEC validation
Exploit
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com
Weakness Enumeration
Related Identifiers
ALSA-2025:19793
ALSA-2025:19835
ALSA-2025:19912
ALSA-2025:21034
ALSA-2025:21111
ALSA-2025_19793
ALSA-2025_19835
ALSA-2025_19950
ALSA-2025_21110
ALSA-2025_21111
ALT-PU-2025-13369
ALT-PU-2025-13412
BDU:2025-13637
CESA-2025_19793
CESA-2025_19835
CVE-2025-40778
DLA-4364-1
DSA-6033-1
INFSA-2025_19793
INFSA-2025_19835
INFSA-2025_21110
INFSA-2025_21111
MGASA-2025-0254
OESA-2025-2653
OESA-2025-2654
OESA-2025-2759
RHSA-2025:19793
RHSA-2025:19835
RHSA-2025:19912
RHSA-2025:19950
RHSA-2025:19951
RHSA-2025:21034
RHSA-2025:21110
RHSA-2025:21111
RHSA-2025:21817
RHSA-2025:21887
RHSA-2025:22205
RHSA-2025_19793
RHSA-2025_19835
RHSA-2025_19950
RHSA-2025_19951
RHSA-2025_21110
RHSA-2025_21111
SUSE-SU-2025:4107-1
SUSE-SU-2025:4108-1
SUSE-SU-2025:4109-1
SUSE-SU-2025:4110-1
SUSE-SU-2025_3903-1
SUSE-SU-2025_3976-1
SUSE-SU-2025_4107-1
SUSE-SU-2025_4108-1
SUSE-SU-2025_4109-1
SUSE-SU-2025_4110-1
USN-7836-1
USN-7836-2
Affected Products
Alt Linux
Almalinux
Bind
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
References · 181
- 🔥 https://github.com/nehkark/CVE-2025-40778⭐ 4 🔗 2 · Exploit
- 🔥 https://gist.github.com/N3mes1s/f76b4a606308937b0806a5256bc1f918 · Exploit
- https://advisories.mageia.org/MGASA-2025-0254.html · Security Note
- https://osv.dev/vulnerability/SUSE-SU-2025:4110-1 · Vendor Advisory
- https://errata.almalinux.org/9/ALSA-2025-21110.html · Vendor Advisory
- https://errata.rockylinux.org/RLSA-2025:19835 · Vendor Advisory
- https://errata.rockylinux.org/RLSA-2025:21111 · Vendor Advisory
- https://kb.isc.org/docs/cve-2025-40778 · Vendor Advisory
- https://security-tracker.debian.org/tracker/DLA-4364-1 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8677 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2025-40780 · Security Note
- https://linux.oracle.com/errata/ELSA-2025-19835.html · Vendor Advisory
- https://osv.dev/vulnerability/DSA-6033-1 · Vendor Advisory
- https://osv.dev/vulnerability/ALPINE-CVE-2025-40778 · Vendor Advisory
- https://errata.almalinux.org/9/ALSA-2025-21111.html · Vendor Advisory