In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the systemd-resolved service and cause a DoS of the affected service.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Systemd | Systemd_project | 223 (including) | 223 (including) |
| Systemd | Systemd_project | 224 (including) | 224 (including) |
| Systemd | Systemd_project | 225 (including) | 225 (including) |
| Systemd | Systemd_project | 226 (including) | 226 (including) |
| Systemd | Systemd_project | 227 (including) | 227 (including) |
| Systemd | Systemd_project | 228 (including) | 228 (including) |
| Systemd | Systemd_project | 229 (including) | 229 (including) |
| Systemd | Systemd_project | 230 (including) | 230 (including) |
| Systemd | Systemd_project | 231 (including) | 231 (including) |
| Systemd | Systemd_project | 232 (including) | 232 (including) |
| Systemd | Systemd_project | 233 (including) | 233 (including) |
| Systemd | Systemd_project | 234 (including) | 234 (including) |
| Systemd | Systemd_project | 235 (including) | 235 (including) |
| Systemd | Ubuntu | artful | * |
| Systemd | Ubuntu | devel | * |
| Systemd | Ubuntu | xenial | * |
| Systemd | Ubuntu | zesty | * |