Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:37282 - Security Advisory
Issued:
2026-07-09
Updated:
2026-07-09

RHSA-2026:37282 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: unbound security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for unbound is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

Security Fix(es):

  • unbound: Unbound: Denial of Service via excessive EDNS options (CVE-2026-41292)
  • unbound: Unbound: Cache manipulation via 'ghost domain names' attack (CVE-2026-40622)
  • unbound: Unbound: Denial of Service due to excessive resource consumption with large DNS Resource Record Sets (CVE-2026-44390)
  • unbound: Unbound: Denial of Service due to degraded resolution performance in jostle logic (CVE-2026-42534)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

Fixes

  • BZ - 2480125 - CVE-2026-41292 unbound: Unbound: Denial of Service via excessive EDNS options
  • BZ - 2480130 - CVE-2026-44390 unbound: Unbound: Denial of Service due to excessive resource consumption with large DNS Resource Record Sets
  • BZ - 2480131 - CVE-2026-42534 unbound: Unbound: Denial of Service due to degraded resolution performance in jostle logic

CVEs

  • CVE-2026-40622
  • CVE-2026-41292
  • CVE-2026-42534
  • CVE-2026-44390

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
x86_64
python3-unbound-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 0d5f59f44edb0ece93f6b4e2c64c068f99761011122afc4760b60305c899bf76
python3-unbound-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: 0e6017547892c1dcff5f8a7dcab3eea37fb0d8ae733ef3797251d798123056e9
python3-unbound-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 7f2e36a1ec937bc5a05fbce42bdadd257af43ff5c31467596d9f8fc661eda566
unbound-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: f33edf319ad199459c792cf47f1a4cf48ba3bdb9557445f589834623b2c8d86a
unbound-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: 25144dd22606d5fd046d615edb5f75fedab702cc51b133e4e9c372c50c8ff2ee
unbound-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 6a6401fed40a155d1e5efd42f5d2c3e0e0558e05e9423592a67c70079cacec23
unbound-debugsource-1.16.2-5.12.el8_10.i686.rpm SHA-256: 82e894ff792ef015500236ad5c283013d350149d27b799654057b4705b1ede9d
unbound-debugsource-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: cce6b4686625a2496aa4c5bb8eda6db857b393696526c5b428ddc9c3ebdf79f5
unbound-devel-1.16.2-5.12.el8_10.i686.rpm SHA-256: 132ae321b8e6951fc1f75330b855b5b0150b513d34095206acde4c1a8c67ef62
unbound-devel-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: d13793116d660510adb20daf039483ebf00938095bcbe039756a060c5584ef5f
unbound-libs-1.16.2-5.12.el8_10.i686.rpm SHA-256: 3198676e338b105479923db4b6816d60ee1323b95e94668bc7958b2f6cd1e21e
unbound-libs-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 172f18de9ad089167ca644b579c2c97dba70dc6b8b16d4ad979a63e77ec46235
unbound-libs-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: e87e4afe227a55e441cae39237c99fa7fee32224322cb05a7bc46f12012f1b8e
unbound-libs-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 16c42c81b65359efd5da90212afa8a3cee5b01b8c2cab1b68ae1eb6994bb1da9

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
s390x
python3-unbound-1.16.2-5.12.el8_10.s390x.rpm SHA-256: f79358cafb6b534be87225bd4d77bef2e33cb12b2dc13157cf590eee728faf01
python3-unbound-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 23f4bf503a2ca2f1984c17846d01f5ac8dbab15ccf54665a9d2f198b5ec17f8b
unbound-1.16.2-5.12.el8_10.s390x.rpm SHA-256: f54f2bb89bf6c835b31bedf1a4e5b80e8c695863b545ec056b91967dbd700c0c
unbound-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 3c3525063b027db977eb567077763023bb909e0e14f2face171c47f3a2af6123
unbound-debugsource-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 4980b7fcc28f7993ee143588cb2b611453a9a7ee060aa128b96f5204e712ab86
unbound-devel-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 85c954507c918056a5834f665cdce98cc5302d3d0b29fc61957d31c2c98b7422
unbound-libs-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 9be5ab0ed9034da13d4c93e7db71a5c5805b528bc37789fe9ec933f6df44e0a7
unbound-libs-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: ff9d3dfb87d393456d7508e8145a142f3808abc59a4898f8bac2a474b13e59af

Red Hat Enterprise Linux for Power, little endian 8

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
ppc64le
python3-unbound-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 221cb1fccd3eca7a094db01a11c09e8614b9803eed2e50820ab14b7619556990
python3-unbound-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: a6ff3ad51065cd2fe0800b5c581b5abe8d0161d819d94b9a8bcaeaa3f881113f
unbound-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: fa086de61917a9fba3a48800c099861a2fe0f17aa34b952b8e68ce43534beb51
unbound-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 92121507a0e73693d5d44037daaf6b590513d478422216450a76b52760b9237b
unbound-debugsource-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 1173b2ca8bbd44a35a48cf863685f968edbf9cdf7e1221f87a5642dd864eca07
unbound-devel-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: a5cc7b6cb8374af81ab9c3532578c7534812e6c2a447d8da85fdc6ed7631b416
unbound-libs-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: b0daa1ba265a8444f3f598e7c7ebe744a690dea8be47ba463899fded17b4811c
unbound-libs-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: e1a0c0eac9c98f9d43e355ec03bb98c7bfa86b2074cb749bfde035fe8cb6898f

Red Hat Enterprise Linux for ARM 64 8

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
aarch64
python3-unbound-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: a96ce73fa2c4eb1c9ff7cb09898b4313a994127d51d5e11498dd4c903ddd5677
python3-unbound-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 76ba617a46e8ad68f5ffc8eef0224883f6b72569a5379965b44fb66c9eac10e9
unbound-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 447399acdcef13584a2d305adb3ed418e0398e1425d80a9c769164c1ffc49997
unbound-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 54bf501ce76f49f445cd5940fff3bc362ef493318af98c8666a25db9c997decb
unbound-debugsource-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 747dcd9e14a94a36d2568f750a348fb86584493e81c53770bb91ddab85ce9b0c
unbound-devel-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 0c0c1034c910d5f06340f88673bf13b54d988046e8eac7cc25afa2a99b681480
unbound-libs-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 6743f47c870975e9f8b0d87e421c6fb953de04a29f39aaa99423b93d4d4f03f2
unbound-libs-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: a22ba591fee2156ea80a4decf9670ecc4f31da2d4f7c203e74fb52a2f0829f87

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
x86_64
python3-unbound-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 0d5f59f44edb0ece93f6b4e2c64c068f99761011122afc4760b60305c899bf76
python3-unbound-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: 0e6017547892c1dcff5f8a7dcab3eea37fb0d8ae733ef3797251d798123056e9
python3-unbound-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 7f2e36a1ec937bc5a05fbce42bdadd257af43ff5c31467596d9f8fc661eda566
unbound-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: f33edf319ad199459c792cf47f1a4cf48ba3bdb9557445f589834623b2c8d86a
unbound-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: 25144dd22606d5fd046d615edb5f75fedab702cc51b133e4e9c372c50c8ff2ee
unbound-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 6a6401fed40a155d1e5efd42f5d2c3e0e0558e05e9423592a67c70079cacec23
unbound-debugsource-1.16.2-5.12.el8_10.i686.rpm SHA-256: 82e894ff792ef015500236ad5c283013d350149d27b799654057b4705b1ede9d
unbound-debugsource-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: cce6b4686625a2496aa4c5bb8eda6db857b393696526c5b428ddc9c3ebdf79f5
unbound-devel-1.16.2-5.12.el8_10.i686.rpm SHA-256: 132ae321b8e6951fc1f75330b855b5b0150b513d34095206acde4c1a8c67ef62
unbound-devel-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: d13793116d660510adb20daf039483ebf00938095bcbe039756a060c5584ef5f
unbound-libs-1.16.2-5.12.el8_10.i686.rpm SHA-256: 3198676e338b105479923db4b6816d60ee1323b95e94668bc7958b2f6cd1e21e
unbound-libs-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 172f18de9ad089167ca644b579c2c97dba70dc6b8b16d4ad979a63e77ec46235
unbound-libs-debuginfo-1.16.2-5.12.el8_10.i686.rpm SHA-256: e87e4afe227a55e441cae39237c99fa7fee32224322cb05a7bc46f12012f1b8e
unbound-libs-debuginfo-1.16.2-5.12.el8_10.x86_64.rpm SHA-256: 16c42c81b65359efd5da90212afa8a3cee5b01b8c2cab1b68ae1eb6994bb1da9

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
aarch64
python3-unbound-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: a96ce73fa2c4eb1c9ff7cb09898b4313a994127d51d5e11498dd4c903ddd5677
python3-unbound-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 76ba617a46e8ad68f5ffc8eef0224883f6b72569a5379965b44fb66c9eac10e9
unbound-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 447399acdcef13584a2d305adb3ed418e0398e1425d80a9c769164c1ffc49997
unbound-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 54bf501ce76f49f445cd5940fff3bc362ef493318af98c8666a25db9c997decb
unbound-debugsource-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 747dcd9e14a94a36d2568f750a348fb86584493e81c53770bb91ddab85ce9b0c
unbound-devel-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 0c0c1034c910d5f06340f88673bf13b54d988046e8eac7cc25afa2a99b681480
unbound-libs-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: 6743f47c870975e9f8b0d87e421c6fb953de04a29f39aaa99423b93d4d4f03f2
unbound-libs-debuginfo-1.16.2-5.12.el8_10.aarch64.rpm SHA-256: a22ba591fee2156ea80a4decf9670ecc4f31da2d4f7c203e74fb52a2f0829f87

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
ppc64le
python3-unbound-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 221cb1fccd3eca7a094db01a11c09e8614b9803eed2e50820ab14b7619556990
python3-unbound-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: a6ff3ad51065cd2fe0800b5c581b5abe8d0161d819d94b9a8bcaeaa3f881113f
unbound-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: fa086de61917a9fba3a48800c099861a2fe0f17aa34b952b8e68ce43534beb51
unbound-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 92121507a0e73693d5d44037daaf6b590513d478422216450a76b52760b9237b
unbound-debugsource-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: 1173b2ca8bbd44a35a48cf863685f968edbf9cdf7e1221f87a5642dd864eca07
unbound-devel-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: a5cc7b6cb8374af81ab9c3532578c7534812e6c2a447d8da85fdc6ed7631b416
unbound-libs-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: b0daa1ba265a8444f3f598e7c7ebe744a690dea8be47ba463899fded17b4811c
unbound-libs-debuginfo-1.16.2-5.12.el8_10.ppc64le.rpm SHA-256: e1a0c0eac9c98f9d43e355ec03bb98c7bfa86b2074cb749bfde035fe8cb6898f

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10

SRPM
unbound-1.16.2-5.12.el8_10.src.rpm SHA-256: b4466bdc0bb0836e7d9a0a5b280a5c69b03aebcd975d7827584e306fd81e6921
s390x
python3-unbound-1.16.2-5.12.el8_10.s390x.rpm SHA-256: f79358cafb6b534be87225bd4d77bef2e33cb12b2dc13157cf590eee728faf01
python3-unbound-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 23f4bf503a2ca2f1984c17846d01f5ac8dbab15ccf54665a9d2f198b5ec17f8b
unbound-1.16.2-5.12.el8_10.s390x.rpm SHA-256: f54f2bb89bf6c835b31bedf1a4e5b80e8c695863b545ec056b91967dbd700c0c
unbound-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 3c3525063b027db977eb567077763023bb909e0e14f2face171c47f3a2af6123
unbound-debugsource-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 4980b7fcc28f7993ee143588cb2b611453a9a7ee060aa128b96f5204e712ab86
unbound-devel-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 85c954507c918056a5834f665cdce98cc5302d3d0b29fc61957d31c2c98b7422
unbound-libs-1.16.2-5.12.el8_10.s390x.rpm SHA-256: 9be5ab0ed9034da13d4c93e7db71a5c5805b528bc37789fe9ec933f6df44e0a7
unbound-libs-debuginfo-1.16.2-5.12.el8_10.s390x.rpm SHA-256: ff9d3dfb87d393456d7508e8145a142f3808abc59a4898f8bac2a474b13e59af

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility