Fluid Attacks Database

Description

In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	systemd	>=0 <235-3	235-3
debian 12	systemd	>=0 <235-3	235-3
debian 14	systemd	>=0 <235-3	235-3
debian 11	systemd	>=0 <235-3	235-3

Aliases

1. CVE-2017-159082. NVD-2017-159083. OSV-DEBIAN-2017-159084. OSV-2017-159085. SECURITY-TRACKER-CVE-2017-15908

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.