2 matches found
CVE-2017-15908
CVE-2017-15908 affects systemd 223–235 where a remote DNS server can reply with a crafted DNS NSEC RR to trigger an infinite loop in dns_packet_read_type_window() of systemd-resolved, causing DoS. Public advisories (Ubuntu USN-3558-1) reference CVE-2017-15908; related OpenVAS/Nessus entries docum...
CVE-2018-15687
CVE-2018-15687 : A race condition in systemd's chown_one() was identified as a local privilege-escalation flaw, potentially allowing a local attacker to set arbitrary permissions on files. Affected products include systemd up to version 239. The issue is fixed in patched releases; multiple adviso...