Lucene search

K
oraclelinuxOracleLinuxELSA-2023-7207
HistoryNov 22, 2023 - 12:00 a.m.

c-ares security update

2023-11-2200:00:00
linux.oracle.com
15
c-ares
security update
buffer underwrite
read-heap-buffer-overflow

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.4%

[1.13.0-9.1]

  • Resolves: RHEL-11931 - Buffer Underwrite in ares_inet_net_pton() [rhel-8.9.0.z]
    [1.13.0-9]
  • Resolves: rhbz#2238293 - CVE-2020-22217 c-ares: read-heap-buffer-overflow in ares_parse_soa_reply [rhel-8] [rhel-8.9.0.z]

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.4%