CVE-2017-15908
N/A
N/A
Summary
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1039662
- http://www.securityfocus.com/bid/101600
- https://github.com/systemd/systemd/pull/7184
- https://usn.ubuntu.com/3558-1/
- https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
References
- http://www.securitytracker.com/id/1039662
- http://www.securityfocus.com/bid/101600
- https://github.com/systemd/systemd/pull/7184
- https://usn.ubuntu.com/3558-1/
- https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.