Lucene search
OracleLinuxELSA-2023-7116HistoryNov 17, 2023 - 12:00 a.m.
c-ares security update
2023-11-1700:00:00
linux.oracle.com
14
c-ares
security update
udp payload dos
buffer overflow
config_sortlist
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
8.9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.3%
[1.13.0-8]
- Resolves: rhbz#2209517 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [rhel-8.9.0]
[1.13.0-7] - Resolves: rhbz#2170867 - c-ares: buffer overflow in config_sortlist() due to missing string length check [rhel-8]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.src.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.src.rpm |
| oracle linux | 8 | aarch64 | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares-devel | < 1.13.0-8.el8 | c-ares-devel-1.13.0-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares-devel | < 1.13.0-8.el8 | c-ares-devel-1.13.0-8.el8.aarch64.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.src.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.src.rpm |
| oracle linux | 8 | i686 | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.i686.rpm |
| oracle linux | 8 | i686 | c-ares | < 1.13.0-8.el8 | c-ares-1.13.0-8.el8.i686.rpm |
Related
nessus
nessus
EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2023-2013)
2023-06-02 00:00:00
EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2023-1970)
2023-05-18 00:00:00
osv
osv
c-ares vulnerability
2023-03-02 12:48:30
Moderate: c-ares security update
2023-11-14 00:00:00
c-ares - security update
2023-02-18 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-4904 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2022-4904 affecting package nodejs for versions less than 16.20.1-2
2023-08-03 02:51:21
CVE-2022-4904 affecting package nodejs 14.21.3-1
2024-05-11 15:54:01
openvas
openvas
Fedora: Security Advisory for c-ares (FEDORA-2023-30e81e5293)
2023-03-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3420-1)
2023-08-25 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-1970)
2023-05-18 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: c-ares-1.19.0-1.fc37
2023-02-23 02:21:41
[SECURITY] Fedora 36 Update: c-ares-1.19.0-1.fc36
2023-03-08 01:22:23
mageia
mageia
Updated c-ares packages fix security vulnerability
2023-02-27 23:27:16
prion
prion
Stack overflow
2023-03-06 23:15:00
redos
redos
ROS-20230316-01
2023-03-16 00:00:00
ubuntucve
ubuntucve
CVE-2022-4904
2023-02-15 00:00:00
debian
debian
[SECURITY] [DLA 3323-1] c-ares security update
2023-02-18 22:55:39
almalinux
almalinux
Moderate: c-ares security update
2023-11-14 00:00:00
Moderate: c-ares security, bug fix, and enhancement update
2023-11-07 00:00:00
Important: nodejs:18 security update
2023-07-12 00:00:00
ubuntu
ubuntu
c-ares vulnerability
2023-03-02 00:00:00
gitlab
gitlab
Improper Input Validation
2023-03-06 00:00:00
redhat
redhat
(RHSA-2023:7116) Moderate: c-ares security update
2023-11-14 08:45:36
(RHSA-2023:7368) Moderate: c-ares security update
2023-11-21 08:12:35
(RHSA-2023:6291) Moderate: c-ares security update
2023-11-02 15:39:01
cve
cve
CVE-2022-4904
2023-03-06 23:15:00
amazon
amazon
Medium: c-ares
2023-07-05 21:44:00
Medium: c-ares
2024-01-03 21:04:00
redhatcve
redhatcve
CVE-2022-4904
2023-02-15 10:29:26
debiancve
debiancve
CVE-2022-4904
2023-03-06 23:15:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0552
2023-03-17 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0365
2023-03-27 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
oraclelinux
oraclelinux
c-ares security, bug fix, and enhancement update
2023-11-11 00:00:00
nodejs:18 security update
2023-07-19 00:00:00
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-05-17 00:00:00
rocky
rocky
nodejs:18 security update
2023-08-31 16:54:34
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-05-25 19:53:09
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2024-01-05 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
8.9 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.3%
Related for ELSA-2023-7116