ALAS2-2026-3321

Amazon Linux 2 Security Advisory: ALAS2-2026-3321
Advisory Released Date: 2026-06-08
Advisory Updated Date: 2026-06-08
Severity: Important
Issue Overview:

Fix GSS-API resource leak (CVE-2026-3039)

An unauthenticated remote attacker can crash any affected named instance with a single crafted DNS message, causing denial of service. Both authoritative servers and resolvers are affected. (CVE-2026-5946)


Affected Packages:

bind


Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update bind or yum update --advisory ALAS2-2026-3321 to update your system.

New Packages:
aarch64:
    bind-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-pkcs11-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-pkcs11-utils-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-pkcs11-libs-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-pkcs11-devel-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-sdb-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-libs-lite-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-libs-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-utils-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-devel-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-lite-devel-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-chroot-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-sdb-chroot-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-export-libs-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-export-devel-9.11.4-26.P2.amzn2.13.15.aarch64
    bind-debuginfo-9.11.4-26.P2.amzn2.13.15.aarch64

i686:
    bind-9.11.4-26.P2.amzn2.13.15.i686
    bind-pkcs11-9.11.4-26.P2.amzn2.13.15.i686
    bind-pkcs11-utils-9.11.4-26.P2.amzn2.13.15.i686
    bind-pkcs11-libs-9.11.4-26.P2.amzn2.13.15.i686
    bind-pkcs11-devel-9.11.4-26.P2.amzn2.13.15.i686
    bind-sdb-9.11.4-26.P2.amzn2.13.15.i686
    bind-libs-lite-9.11.4-26.P2.amzn2.13.15.i686
    bind-libs-9.11.4-26.P2.amzn2.13.15.i686
    bind-utils-9.11.4-26.P2.amzn2.13.15.i686
    bind-devel-9.11.4-26.P2.amzn2.13.15.i686
    bind-lite-devel-9.11.4-26.P2.amzn2.13.15.i686
    bind-chroot-9.11.4-26.P2.amzn2.13.15.i686
    bind-sdb-chroot-9.11.4-26.P2.amzn2.13.15.i686
    bind-export-libs-9.11.4-26.P2.amzn2.13.15.i686
    bind-export-devel-9.11.4-26.P2.amzn2.13.15.i686
    bind-debuginfo-9.11.4-26.P2.amzn2.13.15.i686

noarch:
    bind-license-9.11.4-26.P2.amzn2.13.15.noarch

src:
    bind-9.11.4-26.P2.amzn2.13.15.src

x86_64:
    bind-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-pkcs11-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-pkcs11-utils-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-pkcs11-libs-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-pkcs11-devel-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-sdb-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-libs-lite-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-libs-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-utils-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-devel-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-lite-devel-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-chroot-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-sdb-chroot-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-export-libs-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-export-devel-9.11.4-26.P2.amzn2.13.15.x86_64
    bind-debuginfo-9.11.4-26.P2.amzn2.13.15.x86_64

Additional References

Release Notes:  Amazon Linux 2 Release Notes

Red Hat: CVE-2026-3039, CVE-2026-5946

Mitre: CVE-2026-3039, CVE-2026-5946