PT-2026-42135 · Nlnet+3 · Unbound+3

Qifan Zhang

·

Published

2026-05-20

·

Updated

2026-06-18

·

CVE-2026-44608

CVSS v3.1

5.9

Medium

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions 1.14.0 through 1.25.0
Description A locking inconsistency occurs when specific conditions are met: the system is multi-threaded, an RPZ (Response Policy Zone) XFR (Zone Transfer) reload is performed, and an RPZ zone contains rpz-nsip or rpz-nsdname triggers. If an XFR occurs while another thread is reading the RPZ zone, the reader may not hold the lock sufficiently, allowing the thread applying the XFR to free objects that the reader is accessing. This leads to a heap use-after-free (a situation where a program continues to use a pointer after it has been freed), which can result in a crash. Local RPZ files do not trigger this issue.
Recommendations Update to version 1.25.1.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44608
ECHO-28D0-99D8-D11D
OPENSUSE-SU-2026:10903-1
OPENSUSE-SU-2026:21083-1
SUSE-SU-2026:21874-1
SUSE-SU-2026:21913-1
SUSE-SU-2026:22160-1
SUSE-SU-2026:22213-1
SUSE-SU-2026:2281-1
SUSE-SU-2026:2369-1
USN-8282-1

Affected Products

Freebsd
Linuxmint
Ubuntu
Unbound