Red Hat Security Advisory: bind9.16 security update
This advisory addresses two security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9. 16 DNS server implementation used in Red Hat Enterprise Linux 8. 8. The first vulnerability (CVE-2025-40778) involves cache poisoning attacks using unsolicited resource records. The second (CVE-2025-40780) relates to cache poisoning due to a weak pseudo-random number generator (PRNG). Both vulnerabilities could allow an attacker to manipulate DNS cache data. Red Hat has released an important security update to fix these issues in affected versions of their products.
AI Analysis
Technical Summary
The Red Hat security advisory RHSA-2025:21939 details fixes for two vulnerabilities in BIND 9.16, a DNS server implementation. CVE-2025-40778 allows cache poisoning via unsolicited resource records, while CVE-2025-40780 involves cache poisoning stemming from a weak PRNG. These vulnerabilities affect Red Hat Enterprise Linux 8.8 and related update services. The advisory provides updated packages that address these issues. No CVSS score is provided in the advisory, but the severity is rated as important by Red Hat Product Security.
Potential Impact
Successful exploitation of these vulnerabilities could enable an attacker to poison the DNS cache, potentially redirecting DNS queries to malicious destinations. This undermines DNS integrity and trust. The advisory does not report known exploits in the wild. The impact is significant enough for Red Hat to rate the update as important, indicating a high risk to affected systems if unpatched.
Mitigation Recommendations
Red Hat has released updated bind9.16 packages for Red Hat Enterprise Linux 8.8 and related update services that fix these vulnerabilities. Users should apply these official updates promptly following Red Hat's published guidance at https://access.redhat.com/articles/11258. Since this is an on-premises product, remediation requires installing the updated packages. Patch status is confirmed as available via the vendor advisory.
Red Hat Security Advisory: bind9.16 security update
Description
This advisory addresses two security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9. 16 DNS server implementation used in Red Hat Enterprise Linux 8. 8. The first vulnerability (CVE-2025-40778) involves cache poisoning attacks using unsolicited resource records. The second (CVE-2025-40780) relates to cache poisoning due to a weak pseudo-random number generator (PRNG). Both vulnerabilities could allow an attacker to manipulate DNS cache data. Red Hat has released an important security update to fix these issues in affected versions of their products.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Red Hat security advisory RHSA-2025:21939 details fixes for two vulnerabilities in BIND 9.16, a DNS server implementation. CVE-2025-40778 allows cache poisoning via unsolicited resource records, while CVE-2025-40780 involves cache poisoning stemming from a weak PRNG. These vulnerabilities affect Red Hat Enterprise Linux 8.8 and related update services. The advisory provides updated packages that address these issues. No CVSS score is provided in the advisory, but the severity is rated as important by Red Hat Product Security.
Potential Impact
Successful exploitation of these vulnerabilities could enable an attacker to poison the DNS cache, potentially redirecting DNS queries to malicious destinations. This undermines DNS integrity and trust. The advisory does not report known exploits in the wild. The impact is significant enough for Red Hat to rate the update as important, indicating a high risk to affected systems if unpatched.
Mitigation Recommendations
Red Hat has released updated bind9.16 packages for Red Hat Enterprise Linux 8.8 and related update services that fix these vulnerabilities. Users should apply these official updates promptly following Red Hat's published guidance at https://access.redhat.com/articles/11258. Since this is an on-premises product, remediation requires installing the updated packages. Patch status is confirmed as available via the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:21939
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-40780"]
- Cvss Version
- null
Threat ID: 6a1f4e86e29bf47b5007f8fc
Added to database: 6/2/2026, 9:43:34 PM
Last enriched: 6/2/2026, 10:01:53 PM
Last updated: 6/3/2026, 5:08:14 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.