c-ares security update

🗓️ 13 Jun 2023 19:55:23Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 46 Views

c-ares security update affecting Rocky Linux 9 with 0-byte UDP payload Denial of Service vulnerability

Reporter	Title	Published	Views	Family All 302
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Storage Defender – Data Protect	30 Aug 202317:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to multiple vulnerabilities	2 Oct 202410:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	24 Oct 202319:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and arbitrary code execution due to [CVE-2022-4904], [CVE-2023-32067]	28 Jul 202314:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps	26 Mar 202503:54	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	15 Apr 202503:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	12 Aug 202422:17	–	ibm
Tenable Nessus	Amazon Linux 2023 : c-ares, c-ares-devel (ALAS2023-2023-198)	8 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-344)	20 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : c-ares (ALAS-2023-2127)	20 Jul 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	9	aarch64	c-ares	0:1.17.1-5.el9_2.1	c-ares-0:1.17.1-5.el9_2.1.aarch64.rpm
Rocky Linux	9	i686	c-ares	0:1.17.1-5.el9_2.1	c-ares-0:1.17.1-5.el9_2.1.i686.rpm
Rocky Linux	9	ppc64le	c-ares	0:1.17.1-5.el9_2.1	c-ares-0:1.17.1-5.el9_2.1.ppc64le.rpm
Rocky Linux	9	s390x	c-ares	0:1.17.1-5.el9_2.1	c-ares-0:1.17.1-5.el9_2.1.s390x.rpm
Rocky Linux	9	x86_64	c-ares	0:1.17.1-5.el9_2.1	c-ares-0:1.17.1-5.el9_2.1.x86_64.rpm
Rocky Linux	9	aarch64	c-ares-debuginfo	0:1.17.1-5.el9_2.1	c-ares-debuginfo-0:1.17.1-5.el9_2.1.aarch64.rpm
Rocky Linux	9	ppc64le	c-ares-debuginfo	0:1.17.1-5.el9_2.1	c-ares-debuginfo-0:1.17.1-5.el9_2.1.ppc64le.rpm
Rocky Linux	9	s390x	c-ares-debuginfo	0:1.17.1-5.el9_2.1	c-ares-debuginfo-0:1.17.1-5.el9_2.1.s390x.rpm
Rocky Linux	9	x86_64	c-ares-debuginfo	0:1.17.1-5.el9_2.1	c-ares-debuginfo-0:1.17.1-5.el9_2.1.x86_64.rpm
Rocky Linux	9	aarch64	c-ares-debugsource	0:1.17.1-5.el9_2.1	c-ares-debugsource-0:1.17.1-5.el9_2.1.aarch64.rpm

13 Jun 2023 19:55Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

EPSS0.01577

SSVC

c-ares rocky linux 9 udp payload denial of service cve-2023-32067 dns requests security update