Bugzilla – Bug 1202574
VUL-0: CVE-2022-2526: systemd: systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
Last modified: 2022-09-14 12:04:54 UTC
systemd-resolved is susceptible to a Use After Free (UAF) vulnerability in how DNS packets are handled. Functions such as on_stream_io and dns_stream_complete in resolved-dns-stream.c do not increment the reference counting for the DnsStream object they are working on. Other functions and callbacks called there (e.g. on_llmnr_stream_packet) could unreference the DnsStream object, causing a Use After Free when the reference is still used later.
This is fixed since v240. So everything <= SUSE:SLE-15:Update is affected.
None of the SLE distros ships systemd-resolved.
IIRC Leap started shipping systemd-resolved since 15.3, which uses v246.
So I don't think we need to fix this issue.
Alexander, could you confirm ?
Our customer would like to know if this CVE affect our SLE product because it shows "affected" from "https://www.suse.com/security/cve/CVE-2022-2526.html". Could you help to confirm it and update the status?
As Frank said in comment 2, we don't ship the affected component (systemd-resolved) in SLE, so we aren't affected.