A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
References
Configurations
Configuration 1 (hide)
AND |
|
History
30 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Jan 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Jan 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Jan 2024, 19:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/security/cve/CVE-2023-7008 - Vendor Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2222261 - Issue Tracking | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2222672 - Issue Tracking | |
References | () https://github.com/systemd/systemd/issues/25676 - Issue Tracking | |
CPE | cpe:2.3:a:systemd_project:systemd:25:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-Other | |
First Time |
Debian
Systemd Project Systemd Project systemd Debian debian Linux |
|
Summary |
|
23 Dec 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-23 13:15
Updated : 2024-04-30 14:15
NVD link : CVE-2023-7008
Mitre link : CVE-2023-7008
CVE.ORG link : CVE-2023-7008
JSON object : View
Products Affected
systemd_project
- systemd
debian
- debian_linux
CWE