Lucene search
K
Systemd ProjectSystemd233

4 matches found

CVE
CVE
added 2017/10/26 2:0 p.m.210 views

CVE-2017-15908

CVE-2017-15908 affects systemd 223–235 where a remote DNS server can reply with a crafted DNS NSEC RR to trigger an infinite loop in dns_packet_read_type_window() of systemd-resolved, causing DoS. Public advisories (Ubuntu USN-3558-1) reference CVE-2017-15908; related OpenVAS/Nessus entries docum...

7.5CVSS7.3AI score0.23633EPSS
CVE
CVE
added 2017/06/28 6:0 a.m.107 views

CVE-2017-9445

The CVE-2017-9445 issue affects systemd up to version 233, where dns_packet_new in systemd-resolved may allocate a buffer that is too small when processing DNS responses. A malicious DNS server can craft a TCP payload to trigger an out-of-bounds write, potentially enabling remote code execution o...

7.5CVSS7.5AI score0.55116EPSS
CVE
CVE
added 2017/05/24 4:56 a.m.81 views

CVE-2017-9217

CVE-2017-9217 affects systemd-resolved up to version 233; a crafted DNS response with an empty question section can trigger a remote denial of service (daemon crash). The vulnerability is documented in multiple advisories (e.g., SUSE-SU-2017:2031-1) and is fixed by applying the systemd security u...

7.5CVSS7AI score0.15422EPSS
CVE
CVE
added 2026/04/10 3:18 p.m.26 views

CVE-2026-40226

The CVE affects systemd-nspawn: versions 233–259 (before 260) are vulnerable. A crafted optional config file can trigger an escape-to-host action. Root cause is not detailed beyond this vector in the provided docs. Remediation implied by the reference is upgrading to systemd 260 or later to mitig...

6.4CVSS5.8AI score0.00072EPSS