Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-9445

Опубликовано: 27 июн. 2017
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

An out-of-bounds write flaw was found in the way systemd-resolved daemon handled processing of DNS responses. A remote attacker could potentially use this flaw to crash the daemon or execute arbitrary code in the context of the daemon process.

Отчет

This issue did not affect the versions of systemd as shipped with Red Hat Enterprise Linux 7.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7systemdNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1463609systemd: Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new

EPSS

Процентиль: 89%
0.04426
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-9445

CVSS3: 7.5
ubuntu
больше 8 лет назад

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

nvd логотип

CVE-2017-9445

CVSS3: 7.5
nvd
больше 8 лет назад

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

debian логотип

CVE-2017-9445

CVSS3: 7.5
debian
больше 8 лет назад

In systemd through 233, certain sizes passed to dns_packet_new in syst ...

suse-cvrf логотип

SUSE-SU-2017:1898-1

suse-cvrf
больше 8 лет назад

Security update for systemd, dracut

github логотип

GHSA-42xm-66qf-5jj8

CVSS3: 7.5
github
больше 3 лет назад

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

EPSS

Процентиль: 89%
0.04426
Низкий

7.5 High

CVSS3