It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings.
{ "availability": "No subscription required", "binaries": [ { "libsystemd0": "237-3ubuntu10.28", "udev": "237-3ubuntu10.28", "systemd-coredump": "237-3ubuntu10.28", "libnss-resolve": "237-3ubuntu10.28", "systemd-container-dbgsym": "237-3ubuntu10.28", "systemd-container": "237-3ubuntu10.28", "systemd-sysv": "237-3ubuntu10.28", "libnss-myhostname": "237-3ubuntu10.28", "libudev-dev": "237-3ubuntu10.28", "libnss-resolve-dbgsym": "237-3ubuntu10.28", "systemd-dbgsym": "237-3ubuntu10.28", "systemd-coredump-dbgsym": "237-3ubuntu10.28", "systemd-tests": "237-3ubuntu10.28", "libnss-mymachines-dbgsym": "237-3ubuntu10.28", "systemd-journal-remote-dbgsym": "237-3ubuntu10.28", "libnss-systemd-dbgsym": "237-3ubuntu10.28", "libpam-systemd": "237-3ubuntu10.28", "libsystemd-dev": "237-3ubuntu10.28", "libudev1-udeb": "237-3ubuntu10.28", "systemd-journal-remote": "237-3ubuntu10.28", "libnss-systemd": "237-3ubuntu10.28", "libudev1-dbgsym": "237-3ubuntu10.28", "libnss-myhostname-dbgsym": "237-3ubuntu10.28", "udev-dbgsym": "237-3ubuntu10.28", "udev-udeb": "237-3ubuntu10.28", "libpam-systemd-dbgsym": "237-3ubuntu10.28", "libudev1": "237-3ubuntu10.28", "libnss-mymachines": "237-3ubuntu10.28", "libsystemd0-dbgsym": "237-3ubuntu10.28", "systemd": "237-3ubuntu10.28", "systemd-tests-dbgsym": "237-3ubuntu10.28" } ] }