CVE-2011-4528

EPSS 2.9%

unbound - several

Published: 12/20/2011Modified: 4/28/2026

Description

Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.

Affected packages (2)

Debian/unboundfrom 0, < 1.4.14-1
Debian/unboundfrom 0, < 1.4.6-1~lenny2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-4528