{"id":"CVE-2017-9217","details":"systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.","modified":"2026-04-11T04:59:56.875607Z","published":"2017-05-24T05:29:00.223Z","related":["SUSE-SU-2017:1773-1","SUSE-SU-2017:2031-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20241213-0003/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98677"},{"type":"REPORT","url":"https://launchpad.net/bugs/1621396"},{"type":"FIX","url":"https://github.com/systemd/systemd/pull/5998"},{"type":"FIX","url":"https://github.com/systemd/systemd/commit/a924f43f30f9c4acaf70618dd2a055f8b0f166be"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/systemd/systemd","events":[{"introduced":"0"},{"last_affected":"d60c527009133a1ed3d69c14b8c837c790e78d10"},{"fixed":"a924f43f30f9c4acaf70618dd2a055f8b0f166be"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"233"}]}}],"versions":["v1","v10","v11","v12","v13","v14","v15","v16","v17","v18","v183","v184","v185","v186","v187","v188","v189","v19","v190","v191","v192","v193","v194","v195","v196","v197","v198","v199","v2","v20","v200","v201","v202","v203","v204","v205","v206","v207","v208","v209","v21","v210","v211","v212","v213","v214","v215","v216","v217","v218","v219","v22","v220","v221","v222","v223","v224","v225","v226","v227","v228","v229","v23","v230","v231","v232","v233","v24","v25","v26","v27","v28","v29","v3","v30","v31","v32","v33","v34","v35","v36","v37","v38","v39","v4","v40","v41","v42","v43","v44","v5","v6","v7","v8","v9"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","target":{"file":"src/resolve/resolved-dns-packet.c"},"signature_type":"Line","source":"https://github.com/systemd/systemd/commit/a924f43f30f9c4acaf70618dd2a055f8b0f166be","digest":{"threshold":0.9,"line_hashes":["271159967483008844882920999565096995717","45454489445256345147963977968913982856","230245785695975270983349848465728071677"]},"deprecated":false,"id":"CVE-2017-9217-73b0e95b"},{"signature_version":"v1","target":{"function":"dns_packet_is_reply_for","file":"src/resolve/resolved-dns-packet.c"},"signature_type":"Function","source":"https://github.com/systemd/systemd/commit/a924f43f30f9c4acaf70618dd2a055f8b0f166be","digest":{"length":322,"function_hash":"146998496955851844362737428613817786473"},"deprecated":false,"id":"CVE-2017-9217-7ccf451d"}],"vanir_signatures_modified":"2026-04-11T04:59:56Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9217.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}