AI description
CVE-2025-40775 affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7. The vulnerability arises when BIND encounters an incoming DNS protocol message that includes a Transaction Signature (TSIG). Specifically, the vulnerability triggers when the TSIG contains an invalid value in the algorithm field. In such cases, BIND immediately aborts with an assertion failure.
- Description
- When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7.
- Source
- security-officer@isc.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-officer@isc.org
- CWE-232
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
17
[JVNVU#97609206] Vulnerability in ISC BIND due to improper handling of DNS messages containing an invalid TSIG (CVE-2025-40775) https://t.co/9UbUNoyFfl #jvn #vulnerability #security
@jpsecuritynews
23 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Integrated edition JPCERT/CC | JVN: Vulnerability in ISC BIND due to improper handling of DNS messages containing an invalid TSIG (CVE-2025-40775) https://t.co/GlvybO2mPX #itsec_jp
@itsec_jp
22 May 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
JVN: Vulnerability in ISC BIND due to improper handling of DNS messages containing an invalid TSIG (CVE-2025-40775) https://t.co/kgkTLyHlt4
@AileenWoodstock
22 May 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Alert] (Urgent) Vulnerability in BIND 9.20.x (DNS service outage) (CVE-2025-40775) - Both full resolvers (caching DNS servers) and authoritative DNS servers are affected; upgrading is strongly recommended - https://t.co/IHUZq
@JPRS_official
22 May 2025
1628 Impressions
12 Retweets
20 Likes
3 Bookmarks
0 Replies
1 Quote
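JVNVU#97609206 Vulnerability in ISC BIND due to improper handling of DNS messages containing an invalid TSIG (CVE-2025-40775) https://t.co/gSRfWNJXco BIND, huh. A version that fixes the vulnerability is available, so for those using it, as soon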
@Syynya
22 May 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Published 2025/05/22 10:45] Vulnerability in ISC BIND due to improper handling of DNS messages containing an invalid TSIG (CVE-2025-40775) https://t.co/HDchKb1CJW
@jvnjp
22 May 2025
1659 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
1 Quote
[Note to self] A BIND 9.20.x vulnerability has been published. CVE-2025-40775: DNS message with invalid TSIG causes an assertion failure https://t.co/3v5ELuez6g
@OrangeMorishita
22 May 2025
2532 Impressions
4 Retweets
9 Likes
1 Bookmark
0 Replies
2 Quotes
[Note to self] As announced in advance. CVE-2025-40775: DNS message with invalid TSIG causes an assertion failure https://t.co/3v5ELuez6g
@OrangeMorishita
21 May 2025
578 Impressions
2 Retweets
10 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-40775 When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, B… https://t.co/s3owyDzXCs
@CVEnew
21 May 2025
290 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40775: 9.20 and 9.21 series confirmed affected (others unknown); both authoritative and full resolver; named down; no workaround ---- "TSIG" "assertion failure" feels like the usual
@w4yh
21 May 2025
54 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40775: DNS message with invalid TSIG causes an assertion failure BIND •9.20.0 -> 9.20.8 •9.21.0 -> 9.21.7 (Versions prior to 9.18.0 were not assessed.) https://t.co/vHE25JRGux
@yo_suematsu
21 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40775: BIND 9: DNS message with invalid TSIG causes an assertion failure https://t.co/N0nXFRQZkF
@oss_security
21 May 2025
433 Impressions
1 Retweet
6 Likes
0 Bookmarks
0 Replies
1 Quote