Описание
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
Отчет
This issue did not affect the versions of systemd as shipped with Red Hat Enterprise Linux 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | systemd | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1455493systemd: Null pointer dereference in dns_packet_is_reply_for function
EPSS
Процентиль: 81%
0.01498
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
CVSS3: 7.5
nvd
больше 8 лет назад
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
CVSS3: 7.5
debian
больше 8 лет назад
systemd-resolved through 233 allows remote attackers to cause a denial ...
EPSS
Процентиль: 81%
0.01498
Низкий
5.3 Medium
CVSS3