PT-2026-42128 · Nlnet+3 · Unbound+3
Qifan Zhang
·
Published
2026-05-20
·
Updated
2026-06-30
·
CVE-2026-41292
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
NLnet Labs Unbound versions prior to 1.25.1
Description
An issue exists related to the parsing of long lists of incoming EDNS (Extension Mechanisms for DNS) options. An adversary can send queries containing an excessive number of EDNS options, causing Unbound threads to be held hostage while parsing and creating internal data structures. Coordinated attacks of this nature can lead to service degradation or a denial of service.
Recommendations
Update to version 1.25.1.
Fix
DoS
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Freebsd
Linuxmint
Ubuntu
Unbound