Описание
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.14.0-1ubuntu0.2 |
| devel | not-affected | 1.18.1-2 |
| esm-infra/bionic | not-affected | 1.14.0-1ubuntu0.2 |
| esm-infra/focal | not-affected | 1.15.0-1ubuntu0.2 |
| esm-infra/xenial | needs-triage | |
| focal | released | 1.15.0-1ubuntu0.2 |
| jammy | released | 1.18.1-1ubuntu0.22.04.1 |
| kinetic | released | 1.18.1-1ubuntu0.22.10.1 |
| lunar | not-affected | 1.18.1-2 |
| mantic | not-affected | 1.18.1-2 |
Показывать по
EPSS
8.6 High
CVSS3
Связанные уязвимости
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
A flaw was found in the c-ares package. The ares_set_sortlist is missi ...
EPSS
8.6 High
CVSS3