Описание
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 237-3ubuntu10.54 |
| devel | not-affected | 251.2-2ubuntu2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | released | 237-3ubuntu10.54 |
| esm-infra/focal | not-affected | 245.4-4ubuntu3.17 |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | 245.4-4ubuntu3.17 |
| jammy | not-affected | 249.11-0ubuntu3.4 |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | code not present |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
A use-after-free vulnerability was found in systemd. This issue occurs ...
EPSS
9.8 Critical
CVSS3