Lucene search

K
mageiaGentoo FoundationMGASA-2024-0051
HistoryFeb 28, 2024 - 8:47 a.m.

Updated c-ares packages fix security vulnerabilitie

2024-02-2808:47:52
Gentoo Foundation
advisories.mageia.org
18
updated packages
out of bounds read
c-ares
security vulnerability
unix

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

The updated packages fix a security vulnerability: Out of bounds read in ares__read_line(). (CVE-2024-25629)

OSVersionArchitecturePackageVersionFilename
Mageia9noarchc-ares< 1.19.1-1.1c-ares-1.19.1-1.1.mga9

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%