CVE-2017-15908

Published: 26 October 2017

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
systemd
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver)
Released (235-2ubuntu3)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (229-4ubuntu21.1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)
Patches:
Upstream: https://github.com/systemd/systemd/pull/7184
Upstream: https://github.com/systemd/systemd/commit/9f939335a07085aa9a9663efd1dca06ef6405d62

Notes

AuthorNote
mdeslaur
resolve only used by default on zesty+
independently discovered by Nelson William Gamazo Sanchez,
working with Trend Micro's Zero Day Initiative

References

Bugs