Untriaged
Permalink
CVE-2023-7008
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): HIGH
- Availability impact (A): NONE
Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
References
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://github.com/systemd/systemd/issues/25676
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20241122-0004/
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20241122-0004/
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20241122-0004/
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20241122-0004/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html
- https://github.com/systemd/systemd/issues/25676
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- RHBZ#2222672 issue-tracking x_refsource_REDHAT
- RHSA-2024:2463 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3203 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-7008 x_refsource_REDHAT vdb-entry x_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261 x_transferred
- RHBZ#2222672 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/systemd/systemd/issues/25676 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20241122-0004/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html
Affected products
systemd
- ==25X
- *
Matching in nixpkgs
pkgs.systemd-lsp
Language server implementation for systemd unit files made in Rust
-
nixos-unstable -
- nixpkgs-unstable 0.1.0
pkgs.systemdLibs
System and service manager for Linux
-
nixos-unstable -
- nixpkgs-unstable 257.8
pkgs.rofi-systemd
Control your systemd units using rofi
-
nixos-unstable -
- nixpkgs-unstable 0.1.1
pkgs.systemd-wait
Wait for a systemd unit to enter a specific state
-
nixos-unstable -
- nixpkgs-unstable 0.1+2018-10-05
pkgs.systemdUkify
System and service manager for Linux
-
nixos-unstable -
- nixpkgs-unstable 257.8
pkgs.systemdgenie
Systemd management utility
-
nixos-unstable -
- nixpkgs-unstable 0.99.0
pkgs.check_systemd
Nagios / Icinga monitoring plugin to check systemd for failed units
-
nixos-unstable -
- nixpkgs-unstable 5.0.0
pkgs.systemdMinimal
System and service manager for Linux
-
nixos-unstable -
- nixpkgs-unstable 257.8
pkgs.systemd-netlogd
Forwards messages from the journal to other hosts over the network
-
nixos-unstable -
- nixpkgs-unstable 1.4.4
pkgs.systemd-bootchart
Boot performance graphing tool from systemd
-
nixos-unstable -
- nixpkgs-unstable 235
pkgs.systemd-manager-tui
Program for managing systemd services through a TUI
-
nixos-unstable -
- nixpkgs-unstable 1.1.0
pkgs.systemd-lock-handler
Translates systemd-system lock/sleep signals into systemd-user target activations
-
nixos-unstable -
- nixpkgs-unstable 2.4.2
pkgs.haskellPackages.systemd
Systemd facilities (Socket activation, Notify)
-
nixos-unstable -
- nixpkgs-unstable 2.4.0
pkgs.php81Extensions.systemd
PHP extension allowing native interaction with systemd and its journal
-
nixos-unstable -
- nixpkgs-unstable 0.1.2-unstable-2018-06-11
pkgs.php82Extensions.systemd
PHP extension allowing native interaction with systemd and its journal
-
nixos-unstable -
- nixpkgs-unstable 0.1.2-unstable-2018-06-11
pkgs.php83Extensions.systemd
PHP extension allowing native interaction with systemd and its journal
-
nixos-unstable -
- nixpkgs-unstable 0.1.2-unstable-2018-06-11
pkgs.php84Extensions.systemd
PHP extension allowing native interaction with systemd and its journal
-
nixos-unstable -
- nixpkgs-unstable 0.1.2-unstable-2018-06-11
pkgs.systemd-language-server
Language Server for Systemd unit files
-
nixos-unstable -
- nixpkgs-unstable 0.3.5
pkgs.update-systemd-resolved
Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus
-
nixos-unstable -
- nixpkgs-unstable 1.3.0
pkgs.python312Packages.systemd
Python module for native access to the systemd facilities
-
nixos-unstable -
- nixpkgs-unstable 235
pkgs.python313Packages.systemd
Python module for native access to the systemd facilities
-
nixos-unstable -
- nixpkgs-unstable 235
pkgs.haskellPackages.systemd-api
systemd bindings
-
nixos-unstable -
- nixpkgs-unstable 0.1.0.1
pkgs.nagiosPlugins.check_systemd
Nagios / Icinga monitoring plugin to check systemd for failed units
-
nixos-unstable -
- nixpkgs-unstable 5.0.0
pkgs.prometheus-systemd-exporter
Exporter for systemd unit metrics
-
nixos-unstable -
- nixpkgs-unstable 0.7.0
pkgs.haskellPackages.warp-systemd
Socket activation and other systemd integration for the Warp web server (WAI)
-
nixos-unstable -
- nixpkgs-unstable 0.3.0.0
pkgs.gnomeExtensions.systemd-status
Show systemd system state
-
nixos-unstable -
- nixpkgs-unstable 8
pkgs.gnomeExtensions.systemd-manager
GNOME Shell extension to manage systemd services
-
nixos-unstable -
- nixpkgs-unstable 19
pkgs.haskellPackages.libsystemd-journal
Haskell bindings to libsystemd-journal
-
nixos-unstable -
- nixpkgs-unstable 1.4.6.0
pkgs.python312Packages.systemdunitparser
SystemdUnitParser is an extension to Python's configparser.RawConfigParser to properly parse systemd unit files
-
nixos-unstable -
- nixpkgs-unstable 0.4
pkgs.python313Packages.systemdunitparser
SystemdUnitParser is an extension to Python's configparser.RawConfigParser to properly parse systemd unit files
-
nixos-unstable -
- nixpkgs-unstable 0.4
pkgs.python312Packages.jupyterhub-systemdspawner
JupyterHub Spawner using systemd for resource isolation
-
nixos-unstable -
- nixpkgs-unstable 1.0.2
pkgs.python313Packages.jupyterhub-systemdspawner
JupyterHub Spawner using systemd for resource isolation
-
nixos-unstable -
- nixpkgs-unstable 1.0.2
-
nixos-unstable -
- nixpkgs-unstable 1.0.6
pkgs.gnomeExtensions.systemd-offline-update-indicator
Show an indicator for pending systemd offline updates.
-
nixos-unstable -
- nixpkgs-unstable 7
pkgs.tests.pkg-config.defaultPkgConfigPackages.libudev
Test whether systemd-257.8 exposes pkg-config modules libudev
pkgs.tests.pkg-config.defaultPkgConfigPackages.libsystemd
Test whether systemd-257.8 exposes pkg-config modules libsystemd
Package maintainers
-
@symphorien Guillaume Girol <symphorien_nixpkgs@xlumurb.eu>
-
@doronbehar Doron Behar <me@doronbehar.com>
-
@linsui linsui <linsui555@gmail.com>
-
@honnip Jung seungwoo <me@honnip.page>
-
@sternenseemann Lukas Epple <sternenseemann@systemli.org>
-
@mpscholten Marc Scholten <marc@digitallyinduced.com>
-
@talyz Kim Lindberger <kim.lindberger@gmail.com>
-
@aanderse Aaron Andersen <aaron@fosslib.net>
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
-
@chkno Scott Worley <scottworley@scottworley.com>
-
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>
-
@colonelpanic8 Ivan Malison <IvanMalison@gmail.com>
-
@arianvp Arian van Putten <arian.vanputten@gmail.com>
-
@flokli Florian Klink <flokli@flokli.de>
-
@LordGrimmauld Sören Bender <soeren@benjos.de>
-
@ElvishJerricco Will Fancher <elvishjerricco@gmail.com>
-
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@liff Olli Helenius <liff@iki.fi>
-
@mahyarmirrashed Mahyar Mirrashed <mah.mirr@gmail.com>
-
@VuiMuich Johannes Mayrhofer <vuimuich@quantentunnel.de>
-
@getchoo Seth Flynn <getchoo@tuta.io>
-
@benley Benjamin Staffin <benley@gmail.com>
-
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
-
@eadwu Edmund Wu <edmund.wu@protonmail.com>
-
@kamadorueda Kevin Amado <kamadorueda@gmail.com>