A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
Metrics
Affected Vendors & Products
References
History
Mon, 16 Sep 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-12-23T13:00:50.515Z
Updated: 2024-09-16T16:17:08.148Z
Reserved: 2023-12-20T15:28:32.966Z
Link: CVE-2023-7008
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-23T13:15:07.573
Modified: 2024-09-16T17:16:02.170
Link: CVE-2023-7008
Redhat