From: Michał Kępień <michal@isc.org>
Date: Fri, 13 Mar 2026 13:31:40 +0000 (+0100)
Subject: [CVE-2026-3591] sec: usr: Fix a stack use-after-return flaw in SIG(0) handling code
X-Git-Tag: v9.21.20~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c64392c731bf20ebd8d473b6f12f021027cdfeba;p=thirdparty%2Fbind9.git

[CVE-2026-3591] sec: usr: Fix a stack use-after-return flaw in SIG(0) handling code

A stack use-after-return flaw in SIG(0) handling code could enable ACL
bypass and/or assertion failures in certain circumstances. This flaw has
been fixed.

ISC would like to thank Mcsky23 for bringing this vulnerability to our
attention.

Closes isc-projects/bind9#5754

Merge branch '5754-stack-use-after-free-sig0' into 'v9.21.20-release'

See merge request isc-private/bind9!920
---

c64392c731bf20ebd8d473b6f12f021027cdfeba