cvedb.io
CVE-2017-9445
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-06-28T06:29:00.190 · Last modified 2026-06-17T01:28:07.270

Summary

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

Affected products

systemd_project — systemd

Does this affect you?

Add your gear to cvedb and we'll alert you only when systemd_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.