Vulnerability DatabaseCVE-2025-11411

CVE-2025-11411:
Unbound vulnerability analysis and mitigation

Overview

A security update has been released for Red Hat Enterprise Linux 9 addressing CVE-2025-11411. The update is rated as having an Important security impact and affects the kernel packages, which contain the Linux kernel, the core of any Linux operating system (Red Hat Advisory).

Technical details

The vulnerability exists in the kernel's sunrpc (Remote Procedure Call) service handling. The issue occurs when a client sends a specially crafted packet to the kernel RPC server. If decoding the RPC reply fails in a way that returns SVCGARBAGE without setting the rqacceptstatp pointer, that pointer can be dereferenced and a value stored there, potentially leading to a system crash or memory corruption ([Rapid7](https://www.rapid7.com/db/vulnerabilities/almalinux-cve-2025-38089/)).

Impact

If exploited, this vulnerability can lead to system crashes when it's the first time a thread processes an RPC request, as the NULL pointer will be dereferenced. In other scenarios, it could result in memory corruption, potentially affecting system stability and security (Rapid7).

Mitigation and workarounds

The fix involves handling SVCGARBAGE returns as AUTHERROR with a reason of AUTHBADCRED instead of returning GARBAGEARGS. This modification prevents the problematic interaction with the rpcacceptstatp pointer. Users should apply the security update provided by Red Hat, which requires a system reboot to take effect (Red Hat Advisory).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a Wiz customer? See which CVEs are exploitable in your environment.

Get a CVE Assessment

Published October 22, 2025

CNA Score N/A

Affected Technologies

Unbound
Linux Debian

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) N/A

Exploitation Probability (EPSS) N/A

Affected packages and libraries

unbound-anchor
unbound-devel

Sources

NVD
Debian Security Tracker
- Debian 11, 12, 13, 14 No FixAdded at: Oct 23, 2025
Red Hat Errata
- Red Hat 6, 7, 8, 9, 10 Severity MEDIUMNo FixAdded at: Oct 23, 2025
VulnCheck NVD++
- Windows No FixAdded at: Oct 23, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Unbound vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-5994	HIGH	8.7	Unbound	unbound-devel	No	Yes	Jul 16, 2025
CVE-2024-33655	HIGH	7.5	Unbound	unbound-python	No	Yes	Jun 06, 2024
CVE-2024-1931	HIGH	7.5	NixOS	cpe:2.3:a:nlnetlabs:unbound	No	Yes	Mar 07, 2024
CVE-2024-8508	MEDIUM	5.3	NixOS	libunbound8	No	Yes	Oct 03, 2024
CVE-2025-11411	N/A	N/A	Unbound	unbound-anchor	No	No	Oct 22, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2025-11411: Unbound vulnerability analysis and mitigation