VYPR
Unrated severityNVD Advisory· Published Dec 23, 2023· Updated Nov 6, 2025

Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

CVE-2023-7008

Description

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

25

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.