SUSE update for bind
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2025-40778 CVE-2025-40780 |
| CWE-ID | CWE-345 CWE-337 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Basesystem Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP3 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing LTSS 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Enterprise Storage Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system bind-doc Operating systems & Components / Operating system package or component python3-bind Operating systems & Components / Operating system package or component libisccc1600-debuginfo Operating systems & Components / Operating system package or component libirs1601 Operating systems & Components / Operating system package or component bind-utils Operating systems & Components / Operating system package or component libbind9-1600 Operating systems & Components / Operating system package or component bind-debugsource Operating systems & Components / Operating system package or component libisc1606 Operating systems & Components / Operating system package or component libisccc1600 Operating systems & Components / Operating system package or component bind-devel Operating systems & Components / Operating system package or component bind-chrootenv Operating systems & Components / Operating system package or component bind Operating systems & Components / Operating system package or component libisccfg1600-debuginfo Operating systems & Components / Operating system package or component libirs-devel Operating systems & Components / Operating system package or component libdns1605-debuginfo Operating systems & Components / Operating system package or component bind-debuginfo Operating systems & Components / Operating system package or component libdns1605 Operating systems & Components / Operating system package or component libbind9-1600-debuginfo Operating systems & Components / Operating system package or component libns1604-debuginfo Operating systems & Components / Operating system package or component libns1604 Operating systems & Components / Operating system package or component libisccfg1600 Operating systems & Components / Operating system package or component bind-utils-debuginfo Operating systems & Components / Operating system package or component libisc1606-debuginfo Operating systems & Components / Operating system package or component libirs1601-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Insufficient verification of data authenticity
EUVDB-ID: #VU117610
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:P/U:Green]
CVE-ID: CVE-2025-40778
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to poison DNS cache.
The vulnerability exists due to insufficient verification of data authenticity when accepting records from answers. A remote attacker can inject forged data into the cache leading to DNS cache poisoning.
MitigationUpdate the affected package bind to the latest version.
Vulnerable software versionsBasesystem Module: 15-SP6 - 15-SP7
SUSE Linux Enterprise Real Time 15: SP6 - SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP7
SUSE Linux Enterprise Server 15: SP3 - SP7
SUSE Linux Enterprise Desktop 15: SP6 - SP7
SUSE Linux Enterprise Server 15 SP3: LTSS
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
openSUSE Leap: 15.3
bind-doc: before 9.16.6-150300.22.53.1
python3-bind: before 9.16.6-150300.22.53.1
libisccc1600-debuginfo: before 9.16.6-150300.22.53.1
libirs1601: before 9.16.6-150300.22.53.1
bind-utils: before 9.16.6-150300.22.53.1
libbind9-1600: before 9.16.6-150300.22.53.1
bind-debugsource: before 9.16.6-150300.22.53.1
libisc1606: before 9.16.6-150300.22.53.1
libisccc1600: before 9.16.6-150300.22.53.1
bind-devel: before 9.16.6-150300.22.53.1
bind-chrootenv: before 9.16.6-150300.22.53.1
bind: before 9.16.6-150300.22.53.1
libisccfg1600-debuginfo: before 9.16.6-150300.22.53.1
libirs-devel: before 9.16.6-150300.22.53.1
libdns1605-debuginfo: before 9.16.6-150300.22.53.1
bind-debuginfo: before 9.16.6-150300.22.53.1
libdns1605: before 9.16.6-150300.22.53.1
libbind9-1600-debuginfo: before 9.16.6-150300.22.53.1
libns1604-debuginfo: before 9.16.6-150300.22.53.1
libns1604: before 9.16.6-150300.22.53.1
libisccfg1600: before 9.16.6-150300.22.53.1
bind-utils-debuginfo: before 9.16.6-150300.22.53.1
libisc1606-debuginfo: before 9.16.6-150300.22.53.1
libirs1601-debuginfo: before 9.16.6-150300.22.53.1
CPE2.3- cpe:2.3:o:suse:basesystem_module:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:basesystem_module:15-SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3:LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:bind-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:python3-bind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccc1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs1601:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-utils:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libbind9-1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisc1606:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccc1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-chrootenv:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccfg1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libdns1605-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libdns1605:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libbind9-1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libns1604-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libns1604:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccfg1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-utils-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisc1606-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs1601-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20254109-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Predictable Seed in Pseudo-Random Number Generator (PRNG)
EUVDB-ID: #VU117604
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-40780
CWE-ID:
CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to poison DNS cache.
The vulnerability exists due to weakness in the Pseudo Random Number Generator (PRNG). A remote attacker can predict the source port and query ID that BIND will use and perform DNS cache poisoning attacks.
MitigationUpdate the affected package bind to the latest version.
Vulnerable software versionsBasesystem Module: 15-SP6 - 15-SP7
SUSE Linux Enterprise Real Time 15: SP6 - SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP3 - SP7
SUSE Linux Enterprise Server 15: SP3 - SP7
SUSE Linux Enterprise Desktop 15: SP6 - SP7
SUSE Linux Enterprise Server 15 SP3: LTSS
SUSE Linux Enterprise High Performance Computing LTSS 15: SP3
SUSE Linux Enterprise High Performance Computing 15: SP3
SUSE Enterprise Storage: 7.1
openSUSE Leap: 15.3
bind-doc: before 9.16.6-150300.22.53.1
python3-bind: before 9.16.6-150300.22.53.1
libisccc1600-debuginfo: before 9.16.6-150300.22.53.1
libirs1601: before 9.16.6-150300.22.53.1
bind-utils: before 9.16.6-150300.22.53.1
libbind9-1600: before 9.16.6-150300.22.53.1
bind-debugsource: before 9.16.6-150300.22.53.1
libisc1606: before 9.16.6-150300.22.53.1
libisccc1600: before 9.16.6-150300.22.53.1
bind-devel: before 9.16.6-150300.22.53.1
bind-chrootenv: before 9.16.6-150300.22.53.1
bind: before 9.16.6-150300.22.53.1
libisccfg1600-debuginfo: before 9.16.6-150300.22.53.1
libirs-devel: before 9.16.6-150300.22.53.1
libdns1605-debuginfo: before 9.16.6-150300.22.53.1
bind-debuginfo: before 9.16.6-150300.22.53.1
libdns1605: before 9.16.6-150300.22.53.1
libbind9-1600-debuginfo: before 9.16.6-150300.22.53.1
libns1604-debuginfo: before 9.16.6-150300.22.53.1
libns1604: before 9.16.6-150300.22.53.1
libisccfg1600: before 9.16.6-150300.22.53.1
bind-utils-debuginfo: before 9.16.6-150300.22.53.1
libisc1606-debuginfo: before 9.16.6-150300.22.53.1
libirs1601-debuginfo: before 9.16.6-150300.22.53.1
CPE2.3- cpe:2.3:o:suse:basesystem_module:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:basesystem_module:15-SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp3:LTSS:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_ltss_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_enterprise_storage:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.3:*:*:*:*:*:*:*
- cpe:2.3:a:suse:bind-doc:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:python3-bind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccc1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs1601:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-utils:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libbind9-1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisc1606:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccc1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-chrootenv:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccfg1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libdns1605-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libdns1605:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libbind9-1600-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libns1604-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libns1604:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisccfg1600:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:bind-utils-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libisc1606-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libirs1601-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20254109-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
