7.5

CVE-2026-1519

Medienbericht

Excessive NSEC3 iterations cause high CPU load during insecure delegation validation

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries).
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind SwEdition- Version >= 9.11.0 <= 9.16.50
IscBind SwEdition- Version >= 9.18.0 < 9.18.47
IscBind SwEdition- Version >= 9.20.0 < 9.20.21
IscBind SwEdition- Version >= 9.21.0 < 9.21.20
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.55% 0.719
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security-officer@isc.org 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-606 Unchecked Input for Loop Condition

The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
01.04.2026 09:30
https://kb.isc.org/docs/cve-2026-1519
Vendor Advisory
https://downloads.isc.org/isc/bind9/9.18.47
Patch
https://downloads.isc.org/isc/bind9/9.20.21
Patch
https://downloads.isc.org/isc/bind9/9.21.20
Patch
https://lists.debian.org/debian-lts-announce/2026/04/msg00008.html
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2451305
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-1519.json
https://access.redhat.com/errata/RHSA-2026:29863
https://access.redhat.com/errata/RHSA-2026:11371
https://access.redhat.com/errata/RHSA-2026:11372
https://access.redhat.com/errata/RHSA-2026:15890
https://access.redhat.com/errata/RHSA-2026:16060
https://access.redhat.com/errata/RHSA-2026:16064
https://access.redhat.com/errata/RHSA-2026:24500
https://access.redhat.com/errata/RHSA-2026:24851
https://access.redhat.com/errata/RHSA-2026:24934
https://access.redhat.com/errata/RHSA-2026:25083
https://access.redhat.com/errata/RHSA-2026:25171
https://access.redhat.com/errata/RHSA-2026:25214
https://access.redhat.com/errata/RHSA-2026:29110
https://access.redhat.com/errata/RHSA-2026:34048
https://access.redhat.com/errata/RHSA-2026:6935
https://access.redhat.com/errata/RHSA-2026:7915
https://access.redhat.com/errata/RHSA-2026:8075
https://access.redhat.com/errata/RHSA-2026:8155
https://access.redhat.com/errata/RHSA-2026:8312
https://access.redhat.com/errata/RHSA-2026:8352
https://access.redhat.com/security/cve/CVE-2026-1519