ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CVE-2017-9445: Linux initialisation daemon (systemd) vulnerability


Article ID: 15411


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)


Linux has reported a Security Vulnerability patch and I would like to know if this patch is installed in PAM or if this vulnerability does not affect our system. 

Description: In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.



All PAM Releases


CA PAM is not affected by this vulnerability since it is not using systemd.