A Denial of Service vulnerability (CVE-2026-1519, CVSS 7.5 HIGH) in BIND allows remote attackers to crash the `named` service via a maliciously crafted DNSSEC-validated zone. Affected versions include ISC BIND 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, and 9.21.0 through 9.21.19. Red Hat has released updates for RHEL 9.6 EUS; for upstream BIND, the fixed versions are 9.18.47, 9.20.21, and 9.21.20.
Red Hat Product Errata RHSA-2026:24500 - Security Advisory Issued: 2026-06-08 Updated: 2026-06-08 RHSA-2026:24500 - Security Advisory Overview Updated Packages Synopsis Important: bind security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for bind is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2451305 - CVE-2026-1519 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVEs CVE-2026-1519 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM bind-9.16.23-31.el9_6.3.src.rpm SHA-256: 3945a84fc20c8c5944913681090273d0ad25d405b073a1c0fd50d5e395039ed5 x86_64 bind-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 648996abf649164f39caa1f547045ac0cc2ee253ae404aed47e12d6f9ae76126 bind-chroot-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: fef17a384b01d62c506bb2fc4e82ee1a91e7b670c55e55c0a2e0a27c8d0f2456 bind-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 05eae4fa131a0a649c5e4660bdfbec9d6286157aaf641e05deafe631744d8287 bind-debugsource-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 935fbb0cbbc844b0143472c85661aa849b137baf451a43870ea5819fbcdd84dc bind-dnssec-doc-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 2759ac0346a5a37f3ff22bd3cf3d72f30ff4f9f2d13dbabfae7d8dba75b8881f bind-dnssec-utils-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: fe22f8355ea69aaf925add95618e40c7c7928d6101d8eb9ae1372a62a8eda3d3 bind-dnssec-utils-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 62e5b9a1b36be353057ec5810045a419340ddbfda3877a84e98675415c244ac6 bind-libs-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 4c1e5d2a6bafcdaa34a1d6c72cc0b8375525c8c0f6e9c52bb679c9cdf0857ef9 bind-libs-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 2292fb8ec5135cf91d24b68de50a9f614cc1902009c54e51aaeb4dad41dbaf71 bind-license-9.16.23-31.el9_6.3.noarch.rpm SHA-256: f1220529f8d6dc3cc26be2aef88dc8bc651324596bb1da93b320cda9e43c5faf bind-utils-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 7d8d85d364ae38db3395e0dae5984ee90bbbe3ce2af12f840de0189e0f75291a bind-utils-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 9a2635a1298d1bb912c7c1d698e748ee97b113821fc0c1c205ad8b44edca614f python3-bind-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 8cb3a8ffafe704190113d71348fa2afd48f051959192340fc39b74f288b58ba8 Red Hat Enterprise Linux Server - AUS 9.6 SRPM bind-9.16.23-31.el9_6.3.src.rpm SHA-256: 3945a84fc20c8c5944913681090273d0ad25d405b073a1c0fd50d5e395039ed5 x86_64 bind-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 648996abf649164f39caa1f547045ac0cc2ee253ae404aed47e12d6f9ae76126 bind-chroot-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: fef17a384b01d62c506bb2fc4e82ee1a91e7b670c55e55c0a2e0a27c8d0f2456 bind-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 05eae4fa131a0a649c5e4660bdfbec9d6286157aaf641e05deafe631744d8287 bind-debugsource-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 935fbb0cbbc844b0143472c85661aa849b137baf451a43870ea5819fbcdd84dc bind-dnssec-doc-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 2759ac0346a5a37f3ff22bd3cf3d72f30ff4f9f2d13dbabfae7d8dba75b8881f bind-dnssec-utils-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: fe22f8355ea69aaf925add95618e40c7c7928d6101d8eb9ae1372a62a8eda3d3 bind-dnssec-utils-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 62e5b9a1b36be353057ec5810045a419340ddbfda3877a84e98675415c244ac6 bind-libs-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 4c1e5d2a6bafcdaa34a1d6c72cc0b8375525c8c0f6e9c52bb679c9cdf0857ef9 bind-libs-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 2292fb8ec5135cf91d24b68de50a9f614cc1902009c54e51aaeb4dad41dbaf71 bind-license-9.16.23-31.el9_6.3.noarch.rpm SHA-256: f1220529f8d6dc3cc26be2aef88dc8bc651324596bb1da93b320cda9e43c5faf bind-utils-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 7d8d85d364ae38db3395e0dae5984ee90bbbe3ce2af12f840de0189e0f75291a bind-utils-debuginfo-9.16.23-31.el9_6.3.x86_64.rpm SHA-256: 9a2635a1298d1bb912c7c1d698e748ee97b113821fc0c1c205ad8b44edca614f python3-bind-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 8cb3a8ffafe704190113d71348fa2afd48f051959192340fc39b74f288b58ba8 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM bind-9.16.23-31.el9_6.3.src.rpm SHA-256: 3945a84fc20c8c5944913681090273d0ad25d405b073a1c0fd50d5e395039ed5 s390x bind-9.16.23-31.el9_6.3.s390x.rpm SHA-256: b428fecbec4890ad88a5b12dc5db79a87acf489c9766498b411e29f62539c89f bind-chroot-9.16.23-31.el9_6.3.s390x.rpm SHA-256: fec01bc8105611a727fcc434dd0040d95e9fe43446355724d640d7e6eefd7480 bind-debuginfo-9.16.23-31.el9_6.3.s390x.rpm SHA-256: c6f6c2ac7bad07a7e6a535f95a3c9737d70929d67e3558e3503f2e8e81955e96 bind-debugsource-9.16.23-31.el9_6.3.s390x.rpm SHA-256: ed1c8ae398a27f778ce7213ceeef7e964233776d8ecf5e497cfb76ec6f9f64c3 bind-dnssec-doc-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 2759ac0346a5a37f3ff22bd3cf3d72f30ff4f9f2d13dbabfae7d8dba75b8881f bind-dnssec-utils-9.16.23-31.el9_6.3.s390x.rpm SHA-256: 128894ce773cba06bc4c02dc3ebdb767e7d325725301372eccb184200e16d112 bind-dnssec-utils-debuginfo-9.16.23-31.el9_6.3.s390x.rpm SHA-256: f664e4c4ed596694f184d223a9cbd3c55b763fc765bc5fdf60f2f4cc9ae94173 bind-libs-9.16.23-31.el9_6.3.s390x.rpm SHA-256: 0c83021dc51fcb1a82490cd2d20cb7e23b8d0dcfc71ce906ea7708d919188530 bind-libs-debuginfo-9.16.23-31.el9_6.3.s390x.rpm SHA-256: 1a7a72df9b6a83a4bb7b4937bdd960d2bfe8921040f08badbbbef69821143390 bind-license-9.16.23-31.el9_6.3.noarch.rpm SHA-256: f1220529f8d6dc3cc26be2aef88dc8bc651324596bb1da93b320cda9e43c5faf bind-utils-9.16.23-31.el9_6.3.s390x.rpm SHA-256: 84072112e5e520e56f41d3db820b223ea328194b8164cfa92a93aa1d2ebc1ef7 bind-utils-debuginfo-9.16.23-31.el9_6.3.s390x.rpm SHA-256: 721ea64f8c9521dc3be1452604c3c494d6417487e9f7d08be357511b96a8fd8d python3-bind-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 8cb3a8ffafe704190113d71348fa2afd48f051959192340fc39b74f288b58ba8 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM bind-9.16.23-31.el9_6.3.src.rpm SHA-256: 3945a84fc20c8c5944913681090273d0ad25d405b073a1c0fd50d5e395039ed5 ppc64le bind-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 3c683f27a1b6c152eb94a4c449c554f1f197550e16fdd4e4bc78b1a385abca1f bind-chroot-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 09574e71a21658f090be3c456e278df41d5c0ca0a78024744ce88b26d10f34b9 bind-debuginfo-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 6d6448f3e2a3093b434eff56cf385a85fc2bc9290faf0d2821e3287c658dab54 bind-debugsource-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 01f1fc3b0c59e149a14eb23f80689303fd10f348852458298e160780a4cf2965 bind-dnssec-doc-9.16.23-31.el9_6.3.noarch.rpm SHA-256: 2759ac0346a5a37f3ff22bd3cf3d72f30ff4f9f2d13dbabfae7d8dba75b8881f bind-dnssec-utils-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 74472024bf1e4861bf287bcd9aac3a865e4c18867e6b4726fd701dbded791857 bind-dnssec-utils-debuginfo-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 4e992d994c2a46344e4adbc0e00e08e6dd5fc875f62dcca9fe186b38d13e950d bind-libs-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 02f8f9e4f1b84750b4a661019ba55679d9d9835fd0a1a892dfc4f2494ad1d02c bind-libs-debuginfo-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 6ed37ef3505fe4d485c852178cd142caeaaec72728411eb6878ffda08242075d bind-license-9.16.23-31.el9_6.3.noarch.rpm SHA-256: f1220529f8d6dc3cc26be2aef88dc8bc651324596bb1da93b320cda9e43c5faf bind-utils-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 52360263b35b2afa07dc4967127a5b82842d8d07892e591e42071ac4efad7c97 bind-utils-debuginfo-9.16.23-31.el9_6.3.ppc64le.rpm SHA-256: 519c9e7e153500d6c1b9d4c97284176772f58d842a559008c77f9ef2f9b39648 python3-bind-9.16.23-31.el9_6.3.noarch.rpm