Wind River Support Network


LIN8-6985 : Security Advisory - systemd - CVE-2017-9445

Created: Jun 29, 2017    Updated: May 29, 2018
Resolved Date: Apr 18, 2018
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace


In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

Other Downloads


Live chat