High severity7.5NVD Advisory· Published Oct 26, 2017· Updated Jun 17, 2026
CVE-2017-15908
CVE-2017-15908
Description
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32cpe:2.3:a:systemd_project:systemd:223:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:systemd_project:systemd:223:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:224:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:225:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:226:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:227:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:228:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:229:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:230:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:231:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:232:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:233:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:234:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:235:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- Range: 223-235
- osv-coords16 versionspkg:apk/chainguard/py3.10-systemdpkg:apk/chainguard/py3.11-systemdpkg:apk/chainguard/py3.12-systemdpkg:apk/chainguard/py3.13-systemdpkg:apk/chainguard/py3-supported-systemdpkg:apk/chainguard/py3-systemdpkg:rpm/opensuse/systemd&distro=openSUSE%20Tumbleweedpkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 0+ 15 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 249.4-2.2
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
- (no CPE)range: < 228-150.29.1
Patches
Vulnerability mechanics
References
5- bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351nvdIssue TrackingPatchThird Party Advisory
- github.com/systemd/systemd/pull/7184nvdIssue TrackingPatchThird Party Advisory
- usn.ubuntu.com/3558-1/nvdPatchThird Party Advisory
- www.securityfocus.com/bid/101600nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039662nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.