bind9.18-9.18.29-5.el9_7.2

エラータID: AXSA:2025-11540:06

リリース日: 
2025/12/16 Tuesday - 19:19
題名: 
bind9.18-9.18.29-5.el9_7.2
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- BIND には、応答内のリソースレコードの受け入れが過度に許容
される問題があるため、リモートの攻撃者により、データ破壊を可能
とする脆弱性が存在します。(CVE-2025-40778)

- BIND には、乱数の生成に用いるアルゴリズムの信頼性に問題が
あるため、リモートの攻撃者により、キャッシュポイズニングを可能
とする脆弱性が存在します。(CVE-2025-40780)

- BIND には、リモートの攻撃者により、サービス拒否攻撃
(リソース枯渇) を可能とする脆弱性が存在します。(CVE-2025-8677)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2025-40778
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-40780
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-8677
Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. bind9.18-9.18.29-5.el9_7.2.src.rpm
    MD5: 3fcfebddd4f918be11383dc57fb5d224
    SHA-256: f4b4dcc4d528d91d4992a7476c23d90ae33bf6ec576af305301274f58546c8a7
    Size: 5.47 MB

Asianux Server 9 for x86_64
  1. bind9.18-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: f193bf91ef4496dbe24eb5ed7430e60d
    SHA-256: 05b1dccfe07283c64cff61e2274b3964b9832e83e7ca39a6cbbca1a58d2f4e15
    Size: 528.43 kB
  2. bind9.18-chroot-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: 312e6f2ab1ccc438cb7ff31caf99b9f8
    SHA-256: 8a0d99dfc23333a11309853f412d10a80f5de7f65295aa617459d115af87668b
    Size: 15.85 kB
  3. bind9.18-devel-9.18.29-5.el9_7.2.i686.rpm
    MD5: 9f6b4a165b8b50554656281e04314b2a
    SHA-256: 5114d7c354fa31ed7fe80ff55791cb63f2be01dd17ede5a5b081a1edde7ac120
    Size: 338.06 kB
  4. bind9.18-devel-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: 4956c65b3f52adf6cc315559ae1f9dfe
    SHA-256: 284453da16465ef2dc43115d960bb5144f72d010627cb5795ac95817ca633c21
    Size: 338.05 kB
  5. bind9.18-dnssec-utils-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: bdabdf3a8c8df3bb3f4b67d322282894
    SHA-256: f7e33e0331b00c5fcd54190210dc13d37a5d6c84972e75133d68eb44c6f3acd3
    Size: 147.74 kB
  6. bind9.18-doc-9.18.29-5.el9_7.2.noarch.rpm
    MD5: 086cef5df378ac61579d146e65f1d407
    SHA-256: 9c03fff0d407ba98ccc556a5ee16ee58b86c58bf78f30e018a7783224bf15ed3
    Size: 2.70 MB
  7. bind9.18-libs-9.18.29-5.el9_7.2.i686.rpm
    MD5: 15e99b2335d12ddc58292d571b57e73d
    SHA-256: 9719a9eda482af4c938b7d68236881070fc8c78c34c62e4ed4cc54eb69ebcdcb
    Size: 1.34 MB
  8. bind9.18-libs-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: e0d9885f38405568cd229b32b31b0f02
    SHA-256: 5e17d063ed4af4e80c7696cda18462c2295680adde0d62cee619a65e60acf968
    Size: 1.25 MB
  9. bind9.18-utils-9.18.29-5.el9_7.2.x86_64.rpm
    MD5: ff3cd5913e3ed397ebeb784ff27d907c
    SHA-256: d83358c4d78c75664af3d180ccabb20ddc6a7d4472df22d65e7f88226e008119
    Size: 221.55 kB