CVE 2017-9445
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.
Related bugs and status
CVE-2017-9445 (Candidate) is related to these bugs:
Bug #1449001: systemd-resolved: please do not use Google public DNS by default
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1449001 | systemd-resolved: please do not use Google public DNS by default | systemd (Ubuntu) | Low | Fix Released | ||
| 1449001 | systemd-resolved: please do not use Google public DNS by default | systemd | Undecided | New | ||
| 1449001 | systemd-resolved: please do not use Google public DNS by default | systemd (Ubuntu Artful) | Low | Fix Released | ||
| 1449001 | systemd-resolved: please do not use Google public DNS by default | systemd (Ubuntu Zesty) | Low | Fix Released | ||
| 1449001 | systemd-resolved: please do not use Google public DNS by default | systemd (Debian) | Unknown | Fix Released | ||
Bug #1621396: systemd-resolved crashed with SIGSEGV in dns_packet_is_reply_for()
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1621396 | systemd-resolved crashed with SIGSEGV in dns_packet_is_reply_for() | systemd (Ubuntu) | Medium | Fix Released | ||
| 1621396 | systemd-resolved crashed with SIGSEGV in dns_packet_is_reply_for() | systemd (Ubuntu Zesty) | Low | Fix Released | ||
| 1621396 | systemd-resolved crashed with SIGSEGV in dns_packet_is_reply_for() | systemd (Ubuntu Xenial) | Low | Fix Released | ||
Bug #1651518: systemd/logind parsing problem: HTX exercisers stopped on error: rc 11, errno 11 from main(): pthread_create
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1651518 | systemd/logind parsing problem: HTX exercisers stopped on error: rc 11, errno 11 from main(): pthread_create | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1651518 | systemd/logind parsing problem: HTX exercisers stopped on error: rc 11, errno 11 from main(): pthread_create | systemd (Ubuntu Xenial) | High | Fix Released | ||
| 1651518 | systemd/logind parsing problem: HTX exercisers stopped on error: rc 11, errno 11 from main(): pthread_create | systemd (Ubuntu Yakkety) | Undecided | Fix Released | ||
| 1651518 | systemd/logind parsing problem: HTX exercisers stopped on error: rc 11, errno 11 from main(): pthread_create | The Ubuntu-power-systems project | High | Fix Released | ||
Bug #1668347: Unable to set bridge_portpriority with networkd
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1668347 | Unable to set bridge_portpriority with networkd | systemd (Ubuntu) | Medium | Fix Released | ||
| 1668347 | Unable to set bridge_portpriority with networkd | systemd (Ubuntu Zesty) | Medium | Fix Released | ||
| 1668347 | Unable to set bridge_portpriority with networkd | systemd (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1673860: systemd-resolved unit should run Before=network-online.target
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1673860 | systemd-resolved unit should run Before=network-online.target | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1673860 | systemd-resolved unit should run Before=network-online.target | systemd (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1673860 | systemd-resolved unit should run Before=network-online.target | systemd (Ubuntu Yakkety) | Undecided | Fix Released | ||
Bug #1686361: systemd does not respect nofile ulimit when running in container
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1686361 | systemd does not respect nofile ulimit when running in container | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1686361 | systemd does not respect nofile ulimit when running in container | systemd (Ubuntu Zesty) | Medium | Fix Released | ||
| 1686361 | systemd does not respect nofile ulimit when running in container | systemd (Ubuntu Artful) | Undecided | Fix Released | ||
| 1686361 | systemd does not respect nofile ulimit when running in container | systemd (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1686784: no predictable names for platform (non-PCI) NICs
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1686784 | no predictable names for platform (non-PCI) NICs | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1686784 | no predictable names for platform (non-PCI) NICs | systemd (Ubuntu Zesty) | Medium | Fix Released | ||
| 1686784 | no predictable names for platform (non-PCI) NICs | systemd (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1692136: Backport "core/timer: downgrade message about random time addition (#5229)".
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1692136 | Backport "core/timer: downgrade message about random time addition (#5229)". | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1692136 | Backport "core/timer: downgrade message about random time addition (#5229)". | systemd | Unknown | Fix Released | ||
| 1692136 | Backport "core/timer: downgrade message about random time addition (#5229)". | systemd (Ubuntu Zesty) | Medium | Fix Released | ||
| 1692136 | Backport "core/timer: downgrade message about random time addition (#5229)". | systemd (Ubuntu Xenial) | Medium | Fix Released | ||
Bug #1695546: Out of bounds write in resolved with crafted TCP responses
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1695546 | Out of bounds write in resolved with crafted TCP responses | systemd (Ubuntu) | High | Fix Released | ||
| 1695546 | Out of bounds write in resolved with crafted TCP responses | systemd (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1695546 | Out of bounds write in resolved with crafted TCP responses | systemd (Ubuntu Yakkety) | Undecided | Fix Released | ||
| 1695546 | Out of bounds write in resolved with crafted TCP responses | systemd (Ubuntu Artful) | High | Fix Released | ||
| 1695546 | Out of bounds write in resolved with crafted TCP responses | systemd (Ubuntu Zesty) | Undecided | Fix Released | ||
Bug #1698734: systemd-resolved spams syslog whenever I'm disconnected
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1698734 | systemd-resolved spams syslog whenever I'm disconnected | systemd (Ubuntu) | Undecided | Fix Released | ||
| 1698734 | systemd-resolved spams syslog whenever I'm disconnected | systemd (Ubuntu Artful) | Undecided | Fix Released | ||
Bug #1704677: 229-4ubuntu18: '+' command prefix does not work in ExecStart*= and ExecStop*=
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1704677 | 229-4ubuntu18: '+' command prefix does not work in ExecStart*= and ExecStop*= | systemd (Ubuntu) | Critical | Invalid | ||
| 1704677 | 229-4ubuntu18: '+' command prefix does not work in ExecStart*= and ExecStop*= | systemd (Ubuntu Xenial) | Critical | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
