MiracleLinux 8 : systemd-239-82.el8 (AXSA:2024-8329:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8329:02 advisory. systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes CVE-2023-7008 Tenable has extracted the preceding description block...

CVE-2025-32743

In ConnMan through 1.44, the lookup string in nsresolv in dnsproxy.c can be NULL or an empty string when the TC Truncated bit is set in a DNS response. This allows attackers to cause a denial of service application crash or possibly execute arbitrary code, because those lookup values lead to...

CVE-2023-7008 Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

The vulnerability of the QDnsLookup component of the cross-platform framework for Qt software development allows a hacker to induce a service failure.

The vulnerability of the QDnsLookup component of the cross-platform framework for Qt software development relates to reading data from beyond the allowable buffer size. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted response from...

DEBIAN-CVE-2017-9445

In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and...