Bird_banner_small4
Systemd resolved dns_packet_new Heap Buffer Overflow
TSL ID TSL20170628-05
CVE ID(s) CVE-2017-9445
Severity High
Description

A heap buffer overflow vulnerability has been reported in the dns_packet_new function of systemd-resolved. This vulnerability is due to the allocation of a heap buffer of insufficient size when handling DNS responses.

A malicious DNS server can exploit this vulnerability by sending a crafted DNS response. Successful exploitation may result in arbitrary code execution.

The vendor has released the following advisory regarding this vulnerability:

https://security-tracker.debian.org/tracker/CVE-2017-9445

Affected Products
  • Systemd Systemd 233 and prior
CVSS Score Base 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is MEDIUM
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.0 (E:U/RL:OF/RC:C):
  • The exploitability level of this vulnerability is UNPROVEN
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
References https://github.com/systemd/systemd/pull/6214
https://security-tracker.debian.org/tracker/CVE-2017-9445
http://www.openwall.com/lists/oss-security/2017/06/27/8
Related Threats