A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.
This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.
BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.
References
Configurations
History
30 Jun 2026, 03:19
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
21 May 2026, 15:26
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| First Time |
Isc bind
Isc |
|
| CWE | CWE-401 | |
| CPE | cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:* | |
| References | () https://downloads.isc.org/isc/bind9/9.20.21 - Patch | |
| References | () https://downloads.isc.org/isc/bind9/9.21.20 - Patch | |
| References | () https://kb.isc.org/docs/cve-2026-3104 - Vendor Advisory |
25 Mar 2026, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-03-25 14:16
Updated : 2026-06-30 03:19
NVD link : CVE-2026-3104
Mitre link : CVE-2026-3104
CVE.ORG link : CVE-2026-3104
JSON object : View
Products Affected
isc
- bind
