A Denial of Service vulnerability (CVE-2026-1519, CVSS 7.5 HIGH) in BIND allows remote attackers to crash the DNS server via a maliciously crafted DNSSEC-validated zone. The vulnerability affects Red Hat Enterprise Linux 6 Extended Lifecycle Support, and the advisory provides updated packages to remediate the issue.
Red Hat Product Errata RHSA-2026:11372 - Security Advisory Issued: 2026-04-28 Updated: 2026-04-28 RHSA-2026:11372 - Security Advisory Overview Updated Packages Synopsis Important: bind security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for bind is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x Fixes BZ - 2451305 - CVE-2026-1519 bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVEs CVE-2026-1519 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 SRPM bind-9.8.2-0.68.rc1.el6_10.18.src.rpm SHA-256: 46a7291cb6a6fa4a94f681a79c6a0a7e07e0e0c178b4ec60ba02c73fec218af4 x86_64 bind-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 5c891364f1a89c552d6de28a2b1185080b4691de9afb08d3d04ea1119a836701 bind-chroot-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: c1c1e013b4348a7527674a3c98acc8cb2fbc704e910a3865e231c9a27476f074 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 55cd489bb4bf5b78a373056f7c1290b03dc8a9c45ec983c8caa094b2c659bbf6 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 55cd489bb4bf5b78a373056f7c1290b03dc8a9c45ec983c8caa094b2c659bbf6 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 41a7b66ffd30ce467819edf68a8788330258bf19a6aff48d9fe117deae3cf27a bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 41a7b66ffd30ce467819edf68a8788330258bf19a6aff48d9fe117deae3cf27a bind-devel-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 2745d747e6441b44bfe10070939fcf584212a033561af2e8b664e6feaad8a1aa bind-devel-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 8f483815fe72f417ede2362c517a551b0ff574587d0423f70d663b4cb5f02c38 bind-libs-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: f0f177ee87865ef69929fb91dc535d2a2d78e9601c21afc778b3829644c6f485 bind-libs-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: e382d22f220a585504dbd99e4bf85f586f42020815f81203399d2ad31052cbb4 bind-sdb-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 7a4f8e54a86838a3a07cbb011fe94c2987a922dd66569c5f1ef43220c5ca3fe7 bind-utils-9.8.2-0.68.rc1.el6_10.18.x86_64.rpm SHA-256: 151352495d075ad89698a99218f812b9d4653645ee775bff38a58b4f35c3493a i386 bind-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 541772d65b033531763fd690c3e087523b11264465f4f9a031b4eba5f0a57683 bind-chroot-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: fec2e04a5828c09f8e404ff206ca505c93f91bfe693335f07e397e0769a088c4 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 55cd489bb4bf5b78a373056f7c1290b03dc8a9c45ec983c8caa094b2c659bbf6 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 55cd489bb4bf5b78a373056f7c1290b03dc8a9c45ec983c8caa094b2c659bbf6 bind-devel-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 2745d747e6441b44bfe10070939fcf584212a033561af2e8b664e6feaad8a1aa bind-libs-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: f0f177ee87865ef69929fb91dc535d2a2d78e9601c21afc778b3829644c6f485 bind-sdb-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 32a41c849a4d1c96b30dba918df0dc4a3b5363e790ccbd988afc28b8f7b598f3 bind-utils-9.8.2-0.68.rc1.el6_10.18.i686.rpm SHA-256: 37750a9f139b4d612197e2e6babaabfa0214352521f50539ddcee2315d6ffb13 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 SRPM bind-9.8.2-0.68.rc1.el6_10.18.src.rpm SHA-256: 46a7291cb6a6fa4a94f681a79c6a0a7e07e0e0c178b4ec60ba02c73fec218af4 s390x bind-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 20973916ddd5107ba39427ce996309ff645c77d677eccf2f33fb8c0f5ad4ef01 bind-chroot-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 7070d37f2d01eac95953a449b9b4725f1e13ab6f23b2193c6f571eb743c98201 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.s390.rpm SHA-256: 4c1ef9cfce4591f3a7fdb14275aa9ca7417d292a34a8db7d2df2953b59700bcc bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.s390.rpm SHA-256: 4c1ef9cfce4591f3a7fdb14275aa9ca7417d292a34a8db7d2df2953b59700bcc bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 70da0b28104a775c07e6af974a8783dba122fa1010df99cd2ff93d2aba8e5a88 bind-debuginfo-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 70da0b28104a775c07e6af974a8783dba122fa1010df99cd2ff93d2aba8e5a88 bind-devel-9.8.2-0.68.rc1.el6_10.18.s390.rpm SHA-256: eac9862b448fb50bf16fe6ad646eece69323df4057d0945ea8ef065436feea88 bind-devel-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 1c8f00f73c7634fa083010f98f0e593521b3705d74ba835680e90e3856467a86 bind-libs-9.8.2-0.68.rc1.el6_10.18.s390.rpm SHA-256: 3234cc541a08de9c59f064441e4562ecba8dd2d48061693892e0dd20623312d1 bind-libs-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: 8caf14d92c8ade9b75ed241afb87265d68188cd858a78e2a85cfb07f7023e268 bind-sdb-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: d70c5a17638cf5be9a5cf9550c17313ef92f004cc7fae4c44a09419e96fd6190 bind-utils-9.8.2-0.68.rc1.el6_10.18.s390x.rpm SHA-256: b7accbd492f09ec6d51f0321dcd25154951ceaaee99281f63de244b9bd8109ee The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .