
Advisory ROSA-SA-2023-2284

2023-10-31 14:04:36
ROSA LAB
abf.rosalinux.ru
Tags: rosa-chrome, c-ares, vulnerability, denial of service, stack overflow, asynchronous dns, fixed, update, buffer underflow, ipv6, udp packet

CVSS3: 8.6 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: LOW
  Integrity Impact: LOW
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score: 8.9 High (Confidence: High)

CVSS2: 7.5 High
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.001 Low (Percentile: 34.6%)

software: c-ares 1.18.1
OS: ROSA-CHROME

package_evr_string: c-ares-1.18.1-2.src.rpm

CVE-ID: CVE-2022-4904
BDU-ID: 2023-01258
CVE-Crit: HIGH
CVE-DESC.: The ares_set_sortlist function of the c-ares asynchronous DNS query library does not validate its input string, which allows a possible stack overflow of arbitrary length. Exploitation of the vulnerability could allow an attacker to cause a denial of service or have a limited impact on confidentiality and integrity.
CVE-STATUS: Resolved
CVE-REV: To remediate, run the command: sudo dnf update c-ares

CVE-ID: CVE-2023-31130
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain IPv6 addresses; in particular, “0::00:00:00:00:00/2” was found to cause the problem. c-ares only uses this function internally for configuration purposes, which would require an administrator to configure such an address using ares_set_sortlist(). However, users may call ares_inet_net_pton() externally for other purposes and thus be subject to more serious problems.
CVE-STATUS: Fixed
CVE-REV: To remediate, run the command: sudo dnf update c-ares

CVE-ID: CVE-2023-32067
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If the target resolver sends a query, the attacker forges a malformed UDP packet of length 0 and returns it to the target resolver. The target resolver mistakenly interprets the length of 0 as a valid connection termination.
CVE-STATUS: Fixed
CVE-REV: To remediate, run the command: sudo dnf update c-ares
