CVE-2017-15908 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15908): In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. References: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351 https://github.com/systemd/systemd/pull/7184 Note: A patch is available upstream, however the commit has not been included in any releases yet.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06c2355e8eca30994fa0416793e2e04efd652c41 commit 06c2355e8eca30994fa0416793e2e04efd652c41 Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2017-10-26 21:36:27 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2017-10-26 21:36:45 +0000 sys-apps/systemd: backport fix for CVE-2017-15908 Bug: https://bugs.gentoo.org/635514 Package-Manager: Portage-2.3.11_p4, Repoman-2.3.3_p62 sys-apps/systemd/files/CVE-2017-15908.patch | 39 ++ sys-apps/systemd/systemd-233-r5.ebuild | 461 +++++++++++++++++++++ .../{systemd-235.ebuild => systemd-235-r1.ebuild} | 1 + 3 files changed, 501 insertions(+)}
x86 stable
systemd-233-r6 is in the tree and contains the fix for this CVE. Stabilization has occurred on bug 635718.
GLSA Vote: No cleanup will happen in bug 635718