CVE-2026-3104 — Missing Release of Resource after Effective Lifetime in Bind 9

CWE-772 — Missing Release of Resource after Effective Lifetime11 documents9 sources

Severity

7.5HIGHNVD

EPSS

0.0%

top 86.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind ISC Bind9 ISC Bind 9

Timeline

PublishedMar 25

Description

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶Alpineisc/bind< 9.20.21-r0+1

▶Debianisc/bind9< 1:9.20.21-1~deb13u1+1

▶CVEListV5isc/bind_99.20.0 — 9.20.20+2

🔴Vulnerability Details

OSV

CVE-2026-3104: A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain↗2026-03-25

▶

OSV

CVE-2026-3104: A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain↗2026-03-25

▶

CVEList

Memory leak in code preparing DNSSEC proofs of non-existence↗2026-03-25

▶

GHSA

GHSA-vwv5-298p-pw28: A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain↗2026-03-25

▶

OSV

bind9 vulnerabilities↗2026-03-25

▶

📋Vendor Advisories

Red Hat

bind: BIND: Denial of Service via specially crafted domain query causing a memory leak↗2026-03-25

▶

Ubuntu

Bind vulnerabilities↗2026-03-25

▶

Microsoft

Memory leak in code preparing DNSSEC proofs of non-existence↗2026-03-10

▶

Debian

CVE-2026-3104: bind9 - A specially crafted domain can be used to cause a memory leak in a BIND resolver...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-3104 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶