High severity7.5NVD Advisory· Published Jun 28, 2017· Updated May 13, 2026

CVE-2017-9445

Description

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

Affected products

Systemd Project/Systemd
cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*
Range: >=223,<=233

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

openwall.com/lists/oss-security/2017/06/27/8nvdMailing ListPatchThird Party Advisory
www.securityfocus.com/bid/99302nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038806nvdThird Party AdvisoryVDB Entry
launchpad.net/bugs/1695546nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000