c-ares: Out of bounds read in ares__read_line()

A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...

c-ares security update

1.19.1-2 - Resolves: RHEL-26529 - Out of bounds read in aresreadline rhel-9...

c-ares: Out of bounds read in ares__read_line()

A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...

The vulnerability of the ares__read_line function in the C-ares asynchronous DNS request library allows a attacker to cause a service failure.

The vulnerability of the aresreadline function in the asynchronous DNS request library C-ares is related to the operation leaving the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to cause a service failure...