PT-2026-42127 · Nlnet+3 · Unbound+3
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Unbound versions 1.16.2 through 1.25.0
Description
An issue exists within the ghost domain names family of attacks that allows an adversary who controls a ghost zone and can query the system to extend the ghost domain window by up to one cached TTL configured value. A single client NS query can cause the software to overwrite the cached expired parent-side referral NS rrset with the child-side apex NS rrset, utilizing the
cache-max-ttl value. In configurations where harden-referral-path: yes is enabled, the issue can occur without a client NS query as the system performs that query implicitly.Recommendations
Update to version 1.25.1.
Fix
DoS
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freebsd
Linuxmint
Ubuntu
Unbound