Описание
ELSA-2023-7116: c-ares security update (MODERATE)
[1.13.0-8]
- Resolves: rhbz#2209517 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [rhel-8.9.0]
[1.13.0-7]
- Resolves: rhbz#2170867 - c-ares: buffer overflow in config_sortlist() due to missing string length check [rhel-8]
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
c-ares
1.13.0-8.el8
c-ares-devel
1.13.0-8.el8
Oracle Linux x86_64
c-ares
1.13.0-8.el8
c-ares-devel
1.13.0-8.el8
Связанные CVE
Связанные уязвимости
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
A flaw was found in the c-ares package. The ares_set_sortlist is missi ...