systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
The product dereferences a pointer that it expects to be valid but is NULL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Systemd | Systemd_project | * | 233 (including) |
Systemd | Ubuntu | devel | * |
Systemd | Ubuntu | esm-infra/xenial | * |
Systemd | Ubuntu | upstream | * |
Systemd | Ubuntu | xenial | * |
Systemd | Ubuntu | yakkety | * |
Systemd | Ubuntu | zesty | * |