cbcvebase.
CVE-2023-7008
published 2023-12-23

CVE-2023-7008: A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no…

medium5.9CVSS 3.1
AVNACHPRNUINSUCNIHAN
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

Affected

11 ranges
VendorProductVersion rangeFixed in
debiansystemd< systemd 252.21-1~deb12u1 (bookworm)systemd 252.21-1~deb12u1 (bookworm)
msrcazl3_systemd-bootstrap_250.3-18_on_azure_linux_3.0
msrcazl3_systemd_255-20_on_azure_linux_3.0
msrcazl3_systemd_255-21_on_azure_linux_3.0
msrccbl2_systemd-bootstrap_250.3-13_on_cbl_mariner_2.0
msrccbl2_systemd_250.3-22_on_cbl_mariner_2.0
systemd_projectsystemd
systemd_projectsystemd>= 0 < 247.3-7+deb11u6247.3-7+deb11u6
systemd_projectsystemd>= 0 < 252.21-1~deb12u1252.21-1~deb12u1
systemd_projectsystemd>= 0 < 255.1-3255.1-3
systemd_projectsystemd>= 0 < 255.1-3255.1-3

CVSS provenance

nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
osv5.9MEDIUM