CVE-2017-9445
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.
En systemd hasta la versión 233, ciertos tamaños pasados a la función dns_packet_new en systemd-resolved pueden causar que asigne un búfer que es muy pequeño. Un servidor DNS malicioso puede aprovechar esto por medio de una respuesta con una carga útil TCP especialmente creada para engañar a systemd-resolved en la asignación de un búfer que es muy pequeño, y posteriormente escribir datos arbitrarios más allá del final de la misma.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-06-05 CVE Reserved
- 2017-06-27 CVE Published
- 2023-05-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/99302 | Third Party Advisory | |
http://www.securitytracker.com/id/1038806 | Third Party Advisory | |
https://launchpad.net/bugs/1695546 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://openwall.com/lists/oss-security/2017/06/27/8 | 2022-01-31 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Systemd Project Search vendor "Systemd Project" | Systemd Search vendor "Systemd Project" for product "Systemd" | >= 223 <= 233 Search vendor "Systemd Project" for product "Systemd" and version " >= 223 <= 233" | - |
Affected
|