Bug 2451305 (CVE-2026-1519) - CVE-2026-1519 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
Summary: CVE-2026-1519 bind: BIND: Denial of Service via maliciously crafted DNSSEC-va...
Keywords:
Status: NEW
Alias: CVE-2026-1519
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2451360 2451361
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-03-25 14:02 UTC by OSIDB Bzimport
Modified: 2026-05-11 20:12 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2026:8381 0 None None None 2026-04-16 04:54:33 UTC
Red Hat Product Errata RHBA-2026:8983 0 None None None 2026-04-20 12:37:39 UTC
Red Hat Product Errata RHSA-2026:11371 0 None None None 2026-04-28 15:11:51 UTC
Red Hat Product Errata RHSA-2026:11372 0 None None None 2026-04-28 15:02:34 UTC
Red Hat Product Errata RHSA-2026:15890 0 None None None 2026-05-11 01:51:29 UTC
Red Hat Product Errata RHSA-2026:16060 0 None None None 2026-05-11 20:12:21 UTC
Red Hat Product Errata RHSA-2026:16064 0 None None None 2026-05-11 19:55:24 UTC
Red Hat Product Errata RHSA-2026:7915 0 None None None 2026-04-13 19:31:44 UTC
Red Hat Product Errata RHSA-2026:8075 0 None None None 2026-04-14 14:47:11 UTC
Red Hat Product Errata RHSA-2026:8155 0 None None None 2026-04-14 17:28:30 UTC
Red Hat Product Errata RHSA-2026:8312 0 None None None 2026-04-15 13:56:36 UTC
Red Hat Product Errata RHSA-2026:8352 0 None None None 2026-04-15 22:42:30 UTC

Description OSIDB Bzimport 2026-03-25 14:02:20 UTC 
If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries).
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.
Comment 3 errata-xmlrpc 2026-04-13 19:31:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:7915 https://access.redhat.com/errata/RHSA-2026:7915
Comment 4 errata-xmlrpc 2026-04-14 14:47:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:8075 https://access.redhat.com/errata/RHSA-2026:8075
Comment 5 errata-xmlrpc 2026-04-14 17:28:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:8155 https://access.redhat.com/errata/RHSA-2026:8155
Comment 6 errata-xmlrpc 2026-04-15 13:56:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:8312 https://access.redhat.com/errata/RHSA-2026:8312
Comment 7 errata-xmlrpc 2026-04-15 22:42:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:8352 https://access.redhat.com/errata/RHSA-2026:8352
Comment 11 errata-xmlrpc 2026-04-28 15:02:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION

Via RHSA-2026:11372 https://access.redhat.com/errata/RHSA-2026:11372
Comment 12 errata-xmlrpc 2026-04-28 15:11:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:11371 https://access.redhat.com/errata/RHSA-2026:11371
Comment 14 errata-xmlrpc 2026-05-11 01:51:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:15890 https://access.redhat.com/errata/RHSA-2026:15890
Comment 15 errata-xmlrpc 2026-05-11 19:55:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:16064 https://access.redhat.com/errata/RHSA-2026:16064
Comment 16 errata-xmlrpc 2026-05-11 20:12:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:16060 https://access.redhat.com/errata/RHSA-2026:16060
Note You need to log in before you can comment on or make changes to this bug.