Out-of-bounds Write Affecting systemd package, versions <233-10
Snyk CVSS
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIANUNSTABLE-SYSTEMD-305124
- published 28 Jun 2017
- disclosed 28 Jun 2017
Introduced: 28 Jun 2017
CVE-2017-9445 Open this link in a new tabHow to fix?
Upgrade Debian:unstable systemd to version 233-10 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian.
See How to fix? for Debian:unstable relevant fixed versions and status.
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.