From: Colin Vidal <colin@isc.org>
Date: Thu, 30 Apr 2026 15:57:57 +0000 (+0200)
Subject: [CVE-2026-5950] sec: usr: Avoid unbounded recursion loop
X-Git-Tag: v9.21.22~11
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5319c21761fe72aad83f66b6ea185e8335447fc2;p=thirdparty%2Fbind9.git

[CVE-2026-5950] sec: usr: Avoid unbounded recursion loop

A bug during bad server handling could cause the resolver to enter an infinite loop, continuously sending queries to an upstream server with no exit condition, until the resolver query timeout was hit. This has been fixed.

ISC would like to thank Billy Baraja (BielraX) for bringing this issue to our attention.

Closes isc-projects/bind9#5804

Merge branch '5804-resend-loop' into 'security-main'

See merge request isc-private/bind9!985
---

5319c21761fe72aad83f66b6ea185e8335447fc2