---

CVE-2025-40775 - log back

CVE-2025-40775 created at 21 May 2025 19:34:20
Severity	+ High
Remote	+ Remote
Type	+ Denial of service
Description	+ When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure.
References	+ https://kb.isc.org/docs/cve-2025-40775 + https://downloads.isc.org/isc/bind9/9.20.9/doc/arm/html/notes.html#security-fixes
Notes