Vulnerabilities > CVE-2017-9217 - NULL Pointer Dereference vulnerability in Systemd Project Systemd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2017-0A1B2D495A.NASL description A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-06-13 plugin id 100740 published 2017-06-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100740 title Fedora 24 : systemd (2017-0a1b2d495a) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-0a1b2d495a. # include("compat.inc"); if (description) { script_id(100740); script_version("3.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-9217"); script_xref(name:"FEDORA", value:"2017-0a1b2d495a"); script_name(english:"Fedora 24 : systemd (2017-0a1b2d495a)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a" ); script_set_attribute( attribute:"solution", value:"Update the affected systemd package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:systemd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/24"); script_set_attribute(attribute:"patch_publication_date", value:"2017/06/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/06/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC24", reference:"systemd-229-20.fc24")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-1773-1.NASL description This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p->question dereferencing that could lead to resolved aborting (bsc#1040614) The update also fixed several non-security bugs : - core/mount: Use the last seen 2020-06-01 modified 2020-06-02 plugin id 101226 published 2017-07-05 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101226 title SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:1773-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2017:1773-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(101226); script_version("3.8"); script_cvs_date("Date: 2019/09/11 11:22:15"); script_cve_id("CVE-2017-9217"); script_name(english:"SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:1773-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p->question dereferencing that could lead to resolved aborting (bsc#1040614) The update also fixed several non-security bugs : - core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount - automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942) - automount: Rework propagation between automount and mount units - build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary - build: Fix systemd-journal-upload installation - basic: Detect XEN Dom0 as no virtualization (bsc#1036873) - virt: Make sure some errors are not ignored - fstab-generator: Do not skip Before= ordering for noauto mountpoints - fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec - core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995) - fstab-generator: Apply the _netdev option also to device units (bsc#1004995) - job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995) - job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995) - rules: Export NVMe WWID udev attribute (bsc#1038865) - rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives - rules: Add rules for NVMe devices - sysusers: Make group shadow support configurable (bsc#1029516) - core: When deserializing a unit, fully restore its cgroup state (bsc#1029102) - core: Introduce cg_mask_from_string()/cg_mask_to_string() - core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258) - Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) The database might be missing when upgrading a package which was shipping no sysv init scripts nor unit files (at the time --save was called) but the new version start shipping unit files. - Disable group shadow support (bsc#1029516) - Only check signature job error if signature job exists (bsc#1043758) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1004995" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1029102" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1029516" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1036873" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1038865" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1040258" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1040614" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1040942" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1043758" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=982303" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-9217/" ); # https://www.suse.com/support/update/announcement/2017/suse-su-20171773-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?e81716dd" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1104=1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1104=1 SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1104=1 SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1104=1 OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1104=1 To bring your system up-to-date, use 'zypper patch'." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-sysvinit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/24"); script_set_attribute(attribute:"patch_publication_date", value:"2017/07/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/07/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsystemd0-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsystemd0-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libudev1-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libudev1-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-debugsource-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-sysvinit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"udev-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"udev-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsystemd0-32bit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsystemd0-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libudev1-32bit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libudev1-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-32bit-228-149.3")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"systemd-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsystemd0-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsystemd0-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsystemd0-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libsystemd0-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libudev1-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libudev1-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libudev1-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libudev1-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-debuginfo-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-debuginfo-32bit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-debugsource-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"systemd-sysvinit-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"udev-228-149.3")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"udev-debuginfo-228-149.3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2017-8FF992386D.NASL description A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-05-30 plugin id 100493 published 2017-05-30 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100493 title Fedora 25 : systemd (2017-8ff992386d) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2017-8ff992386d. # include("compat.inc"); if (description) { script_id(100493); script_version("3.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-9217"); script_xref(name:"FEDORA", value:"2017-8ff992386d"); script_name(english:"Fedora 25 : systemd (2017-8ff992386d)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8ff992386d" ); script_set_attribute( attribute:"solution", value:"Update the affected systemd package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:systemd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/24"); script_set_attribute(attribute:"patch_publication_date", value:"2017/05/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC25", reference:"systemd-231-15.fc25")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-806.NASL description This update for systemd fixes the following issues : Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p->question dereferencing that could lead to resolved aborting (bsc#1040614) The update also fixed several non-security bugs : - core/mount: Use the last seen 2020-06-05 modified 2017-07-13 plugin id 101516 published 2017-07-13 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/101516 title openSUSE Security Update : systemd (openSUSE-2017-806) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0041.NASL description An update of [systemd,curl,glibc,freetype2] packages for PhotonOS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111890 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111890 title Photon OS 1.0: Curl / Freetype2 / Glibc / Systemd PHSA-2017-0041 (deprecated) NASL family Fedora Local Security Checks NASL id FEDORA_2017-4C3C543D2E.NASL description Mostly a bugfix update, but includes an update of the keyboard/mouse hwdb and various small fixes and a minor security issue and a boot issue on virtualized systems with no VGA console. No need to reboot or log out. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-07-17 plugin id 101627 published 2017-07-17 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101627 title Fedora 26 : systemd (2017-4c3c543d2e) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2031-1.NASL description This update for systemd provides several fixes and enhancements. Security issues fixed : - CVE-2017-9217: NULL pointer dereferencing that could lead to resolved aborting. (bsc#1040614) - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. (bsc#1045290) The update also fixed several non-security bugs : - core/mount: Use the last seen 2020-06-01 modified 2020-06-02 plugin id 102188 published 2017-08-04 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102188 title SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:2031-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0041_SYSTEMD.NASL description An update of the systemd package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121751 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121751 title Photon OS 1.0: Systemd PHSA-2017-0041
References
- http://www.securityfocus.com/bid/98677
- http://www.securityfocus.com/bid/98677
- https://github.com/systemd/systemd/commit/a924f43f30f9c4acaf70618dd2a055f8b0f166be
- https://github.com/systemd/systemd/commit/a924f43f30f9c4acaf70618dd2a055f8b0f166be
- https://github.com/systemd/systemd/pull/5998
- https://github.com/systemd/systemd/pull/5998
- https://launchpad.net/bugs/1621396
- https://launchpad.net/bugs/1621396
- https://security.netapp.com/advisory/ntap-20241213-0003/