|
Description: | | A heap buffer overflow vulnerability has been reported in the dns_packet_new function of systemd-resolved. In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it. |
|
Impact: | | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. |
|
Affected OS: | | Solaris, Other Unix, FreeBSD, Linux |
|
Reference: | | CVE-2017-9445 SecurityFocusBID: SecurityTrackerID:
|
|