[Security Vulnerability Alert] A critical cybersecurity vulnerability exists in BIND, part of the Internet Systems Consortium (ISC) (CVE-2026-3104).

 
2026/4/13 ~ 2026/10/13
View Count:47

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Warning TWCERTCC-200-202604-00000001

[Content Description]
Recently, the Internet Systems Consortium (ISC) issued a major cybersecurity advisory for BIND (CVE-2026-3104, CVSS: 7.5). This vulnerability can cause memory leakage in the BIND resolver through carefully crafted domain names.

[Affected Platforms]
BIND versions 9.20.0 to 9.20.20
BIND versions 9.21.0 to 9.21.19
BIND versions 9.20.9-S1 to 9.20.20-S1

[Recommended Actions]
Patch according to the solutions released on the official website: https://kb.isc.org/docs/cve-2026-3104

[References]
1. https://www.twcert.org.tw/tw/cp-169-10818-cb2ee-1.html

Files
system_update_alt官方網站
system_update_alt參考資料
【Back】
Top↑