RLSA-2026:23231

Synopsis

Important: unbound security update

Description

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

Security Fix(es):

* unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (CVE-2026-42944)

* unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages (CVE-2026-42959)

* unbound: Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution (CVE-2026-33278)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 riscv64 Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2479808 2479806 2479774

CVEs

CVE-2026-33278 CVE-2026-42944 CVE-2026-42959

Affected packages

Rocky Linux 10 aarch64 - AppStream

unbound-libs-0:1.24.2-7.el10_2.1.aarch64.rpm python3-unbound-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-debuginfo-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-0:1.24.2-7.el10_2.1.src.rpm unbound-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-anchor-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-debugsource-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-anchor-debuginfo-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-dracut-0:1.24.2-7.el10_2.1.aarch64.rpm python3-unbound-debuginfo-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-libs-debuginfo-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-utils-debuginfo-0:1.24.2-7.el10_2.1.aarch64.rpm unbound-utils-0:1.24.2-7.el10_2.1.aarch64.rpm

Rocky Linux 10 x86_64 - CRB

unbound-devel-0:1.24.2-7.el10_2.1.x86_64.rpm

Rocky Linux 10 x86_64 - AppStream

unbound-anchor-0:1.24.2-7.el10_2.1.x86_64.rpm python3-unbound-debuginfo-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-libs-debuginfo-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-0:1.24.2-7.el10_2.1.src.rpm unbound-dracut-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-0:1.24.2-7.el10_2.1.x86_64.rpm python3-unbound-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-debuginfo-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-utils-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-libs-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-utils-debuginfo-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-anchor-debuginfo-0:1.24.2-7.el10_2.1.x86_64.rpm unbound-debugsource-0:1.24.2-7.el10_2.1.x86_64.rpm

Rocky Linux 10 s390x - AppStream

unbound-anchor-debuginfo-0:1.24.2-7.el10_2.1.s390x.rpm unbound-0:1.24.2-7.el10_2.1.src.rpm unbound-anchor-0:1.24.2-7.el10_2.1.s390x.rpm unbound-libs-0:1.24.2-7.el10_2.1.s390x.rpm unbound-libs-debuginfo-0:1.24.2-7.el10_2.1.s390x.rpm unbound-utils-debuginfo-0:1.24.2-7.el10_2.1.s390x.rpm unbound-0:1.24.2-7.el10_2.1.s390x.rpm unbound-debugsource-0:1.24.2-7.el10_2.1.s390x.rpm unbound-dracut-0:1.24.2-7.el10_2.1.s390x.rpm python3-unbound-debuginfo-0:1.24.2-7.el10_2.1.s390x.rpm unbound-debuginfo-0:1.24.2-7.el10_2.1.s390x.rpm unbound-utils-0:1.24.2-7.el10_2.1.s390x.rpm python3-unbound-0:1.24.2-7.el10_2.1.s390x.rpm

Rocky Linux 10 ppc64le - AppStream

unbound-libs-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-utils-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-dracut-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-0:1.24.2-7.el10_2.1.src.rpm unbound-debuginfo-0:1.24.2-7.el10_2.1.ppc64le.rpm python3-unbound-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-libs-debuginfo-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-debugsource-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-anchor-debuginfo-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-utils-debuginfo-0:1.24.2-7.el10_2.1.ppc64le.rpm unbound-anchor-0:1.24.2-7.el10_2.1.ppc64le.rpm python3-unbound-debuginfo-0:1.24.2-7.el10_2.1.ppc64le.rpm

Rocky Linux 10 riscv64 - AppStream

unbound-0:1.24.2-7.el10_2.1.src.rpm

Rocky Linux 10 aarch64 - CRB

unbound-devel-0:1.24.2-7.el10_2.1.aarch64.rpm

Rocky Linux 10 s390x - CRB

unbound-devel-0:1.24.2-7.el10_2.1.s390x.rpm

Rocky Linux 10 ppc64le - CRB

unbound-devel-0:1.24.2-7.el10_2.1.ppc64le.rpm