4 matches found
CVE-2017-15908
CVE-2017-15908 affects systemd 223–235 where a remote DNS server can reply with a crafted DNS NSEC RR to trigger an infinite loop in dns_packet_read_type_window() of systemd-resolved, causing DoS. Public advisories (Ubuntu USN-3558-1) reference CVE-2017-15908; related OpenVAS/Nessus entries docum...
CVE-2017-9445
The CVE-2017-9445 issue affects systemd up to version 233, where dns_packet_new in systemd-resolved may allocate a buffer that is too small when processing DNS responses. A malicious DNS server can craft a TCP payload to trigger an out-of-bounds write, potentially enabling remote code execution o...
CVE-2017-9217
CVE-2017-9217 affects systemd-resolved up to version 233; a crafted DNS response with an empty question section can trigger a remote denial of service (daemon crash). The vulnerability is documented in multiple advisories (e.g., SUSE-SU-2017:2031-1) and is fixed by applying the systemd security u...
CVE-2026-40226
The CVE affects systemd-nspawn: versions 233–259 (before 260) are vulnerable. A crafted optional config file can trigger an escape-to-host action. Root cause is not detailed beyond this vector in the provided docs. Remediation implied by the reference is upgrading to systemd 260 or later to mitig...