Vulnerability Details CVE-2017-15908
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/101600
- http://www.securitytracker.com/id/1039662
- https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
- https://github.com/systemd/systemd/pull/7184
- https://usn.ubuntu.com/3558-1/
- http://www.securityfocus.com/bid/101600
- http://www.securitytracker.com/id/1039662
- https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
- https://github.com/systemd/systemd/pull/7184
- https://usn.ubuntu.com/3558-1/
Products affected by CVE-2017-15908
-
cpe:2.3:a:systemd_project:systemd:223
-
cpe:2.3:a:systemd_project:systemd:224
-
cpe:2.3:a:systemd_project:systemd:225
-
cpe:2.3:a:systemd_project:systemd:226
-
cpe:2.3:a:systemd_project:systemd:227
-
cpe:2.3:a:systemd_project:systemd:228
-
cpe:2.3:a:systemd_project:systemd:229
-
cpe:2.3:a:systemd_project:systemd:230
-
cpe:2.3:a:systemd_project:systemd:231
-
cpe:2.3:a:systemd_project:systemd:232
-
cpe:2.3:a:systemd_project:systemd:233
-
cpe:2.3:a:systemd_project:systemd:234
-
cpe:2.3:a:systemd_project:systemd:235
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04