SB2025111905 - Red Hat Enterprise Linux 8 update for bind 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025111905

SB2025111905 - Red Hat Enterprise Linux 8 update for bind

Published: November 19, 2025

Security Bulletin ID SB2025111905
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Reliance on Reverse DNS Resolution for a Security-Critical Action (CVE-ID: CVE-2021-25220)

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to an error in DNS forwarder implementation. When using forwarders, bogus NS records supplied by, or via, those forwarders may be cached and used by named if it needs to recurse for any reason, causing it to obtain and pass on potentially incorrect answers. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.



2) Insufficient verification of data authenticity (CVE-ID: CVE-2025-40778)

The vulnerability allows a remote attacker to poison DNS cache.

The vulnerability exists due to insufficient verification of data authenticity when accepting records from answers. A remote attacker can inject forged data into the cache leading to DNS cache poisoning. 


Remediation

Install update from vendor's website.

References