ALSA-2026:24338

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/10/ALSA-2026-24338.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json

JSON Data

https://api.test.osv.dev/v1/vulns/ALSA-2026:24338

Related

CVE-2026-3039
CVE-2026-5946

Published

2026-06-08T00:00:00Z

Modified

2026-06-08T11:30:04.143185630Z

Summary

Important: bind security update

Details

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (CVE-2026-3039)
bind: BIND: Denial of Service via specially crafted DNS messages (CVE-2026-5946)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:10

bind

Package

Name: bind
Purl: pkg:rpm/almalinux/bind

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-chroot

Package

Name: bind-chroot
Purl: pkg:rpm/almalinux/bind-chroot

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-devel

Package

Name: bind-devel
Purl: pkg:rpm/almalinux/bind-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-dnssec-utils

Package

Name: bind-dnssec-utils
Purl: pkg:rpm/almalinux/bind-dnssec-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-doc

Package

Name: bind-doc
Purl: pkg:rpm/almalinux/bind-doc

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-libs

Package

Name: bind-libs
Purl: pkg:rpm/almalinux/bind-libs

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-license

Package

Name: bind-license
Purl: pkg:rpm/almalinux/bind-license

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"

bind-utils

Package

Name: bind-utils
Purl: pkg:rpm/almalinux/bind-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32:9.18.33-15.el10_2.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:24338.json"