Download
| Alert*
|
oval:org.secpod.oval:def:42507
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and ... oval:org.secpod.oval:def:89044899 This update for systemd provides several fixes and enhancements. Security issues fixed: - CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. The update also fi ... oval:org.secpod.oval:def:89044680 This update for systemd and dracut fixes the following issues: Security issues fixed: - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. Non-security issues fixed in systemd: - Automounter issue in combination with NFS volumes - Missing sy ... oval:org.secpod.oval:def:703677 systemd: system and service manager systemd-resolved could be made to crash or run programs if it received a specially crafted DNS response. oval:org.secpod.oval:def:112526 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:112508 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... |
