Description
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 11 | | =247.3-6 || =247.3-7 || =247.3-7+deb11u1 || =247.3-7+deb11u2 || =247.3-7+deb11u3 || =247.3-7+deb11u4 || =247.3-7+deb11u5 || >=0 <247.3-7+deb11u6 | 247.3-7+deb11u6 |
debian 12 | | =252.11-1 || =252.11-1~deb12u1 || =252.12-1~deb12u1 || =252.14-1~deb12u1 || =252.16-1~deb12u1 || =252.17-1~deb12u1 || =252.18-1~deb12u1 || =252.19-1~deb12u1 || =252.20-1~deb12u1 || =252.6-1 || =252.6-1+loong64 || >=0 <252.21-1~deb12u1 | 252.21-1~deb12u1 |
debian 13 | | | 255.1-3 |
debian 14 | | | 255.1-3 |
 rpm rhel8 | | | 0:239-82.el8 |
rpm rhel9 | | | 0:252-32.el9_4 |
