Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-26T03:44:20 bind: Amplification vulnerabilities via self-pointed glue records 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CWE-770

A flaw was found in BIND resolvers. A remote attacker could exploit this vulnerability by sending a query to a specially crafted zone. This would cause the resolver to consume disproportionate resources, leading to a denial of service (DoS) due to resource exhaustion.

Moderate: This vulnerability in BIND resolvers allows for an amplified resource consumption attack. A specially crafted DNS zone can cause a Red Hat system acting as a resolver to consume excessive resources, potentially leading to a denial of service. Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Red Hat Hardened Images 2026-05-21T00:00:00Z RHSA-2026:20334 bind-main-9.18.49-1.hum1 Red Hat Enterprise Linux 10 Fix deferred bind Red Hat Enterprise Linux 6 Fix deferred bind Red Hat Enterprise Linux 7 Fix deferred bind Red Hat Enterprise Linux 8 Fix deferred bind Red Hat Enterprise Linux 8 Fix deferred bind9.16 Red Hat Enterprise Linux 9 Fix deferred bind Red Hat Enterprise Linux 9 Fix deferred bind9.18 Red Hat Enterprise Linux 9 Fix deferred dhcp Red Hat OpenShift Container Platform 4 Fix deferred rhcos https://www.cve.org/CVERecord?id=CVE-2026-3592 https://nvd.nist.gov/vuln/detail/CVE-2026-3592