CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25629 – c-ares out of bounds read in ares__read_line()
https://notcve.org/view.php?id=CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. c-ares es una librería C para solicitudes DNS asincrónicas. • https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183 https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P76QYINQNPEHUTEEDOUYIRZ2X6UVZ5K https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSCMTSPDIE2UHU34TIXQQHZ6JTE3Y3VF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GX37LFPFQ3T6FFMMFYQTEGIQXXN7F27U https://access.redhat. • CWE-127: Buffer Under-read •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22217 – c-ares: Heap buffer over read in ares_parse_soa_reply
https://notcve.org/view.php?id=CVE-2020-22217
Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. Vulnerabilidad de desbordamiento de búfer en c-ares antes de 1_16_1 a 1_17_0 mediante la función ares_parse_soa_reply en ares_parse_soa_reply.c. A heap buffer over-read flaw was found in c-ares via the ares_parse_soa_reply function in ares_parse_soa_reply.c. • https://github.com/c-ares/c-ares/issues/333 https://lists.debian.org/debian-lts-announce/2023/09/msg00014.html https://access.redhat.com/security/cve/CVE-2020-22217 https://bugzilla.redhat.com/show_bug.cgi?id=2235527 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-32067 – 0-byte UDP payload DoS in c-ares
https://notcve.org/view.php?id=CVE-2023-32067
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1. A vulnerability was found in c-ares. • https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1 https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7 https://security.gentoo.org/glsa/202310-09 https://security.n • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-31147 – Insufficient randomness in generation of DNS query IDs in c-ares
https://notcve.org/view.php?id=CVE-2023-31147
c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. • https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1 https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7 https://security.gentoo.org/glsa/202310-09 https://access.redhat.com/security/cve/CVE-2023-31147 https://bugzilla.redhat.com/sho • CWE-330: Use of Insufficiently Random Values •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-31130 – Buffer Underwrite in ares_inet_net_pton()
https://notcve.org/view.php?id=CVE-2023-31130
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. A vulnerability was found in c-ares. • https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1 https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v https://lists.debian.org/debian-lts-announce/2023/06/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7 https://security.gentoo.org/glsa/202310-09 https://security.n • CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-787: Out-of-bounds Write •