RHSA-2026:20357MediumCVSS 5.9
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
🔗 CVE IDs covered (3)
📋 Description
CVE-2026-32792 — unbound: Packet of death with DNSCrypt CVE-2026-42923 — unbound: Unbound DNSSEC Validator NSEC3 Hash Calculation Limit Bypass via Negative Cache Code Path Leading to DoS CVE-2026-42960 — unbound: Unbound DNS Cache Poisoning via Promiscuous Additional Section RRSet Acceptance
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2026:20357
- externalhttps://images.redhat.com/
- externalhttps://access.redhat.com/security/cve/CVE-2026-32792
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://access.redhat.com/security/cve/CVE-2026-42960
- externalhttps://access.redhat.com/security/cve/CVE-2026-42923
- externalhttps://access.redhat.com/security/cve/CVE-2026-40622
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_20357.json