CNNVD-202510-2831 Information

CNNVD ID

CNNVD-202510-2831

Related CVE

CVE-2025-40780

• CNNVD Published: 2025-10-22

Description (Chinese)

ISC BIND 9是ISC组织的一个域名系统软件。 ISC BIND 9 9.16.0版本至9.16.50版本、9.18.0版本至9.18.39版本、9.20.0版本至9.20.13版本、9.21.0版本至9.21.12版本、9.16.8-S1版本至9.16.50-S1版本、9.18.11-S1版本至9.18.39-S1版本和9.20.9-S1版本至9.20.13-S1版本存在安全漏洞，该漏洞源于伪随机数生成器存在弱点，可能导致攻击者预测源端口和查询ID。

Description (English)

ISC BIND 9 is an ISC-organized domain name system software. There is a security gap between ISIC BIND 9.9.16.0 to 9.16.50, 9.18.0 to 9.18.39, 9.2.0 to 9.20.13, 9.21.0 to 9.21.12, 9.16.8-S1 to 9.16.50-S1, 9.18.11-S1 to 9.18.39-S1 and 9.20.9-S1 to 9.20.13-S1 due to the weaknesses of the pseudo-random generator, which may lead to the attacker ’ s prediction source and query ID.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

ISC

Published

2025-10-22

Last Modified

2026-02-24

References

https://kb.isc.org/docs/cve-2025-40780

Patch

https://www.isc.org/bind/