2 matches found
[SECURITY] [DSA 6084-1] c-ares security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 18, 2025 https://www.debian.org/security/faq -...
CVE-2025-31498
CVE-2025-31498 (c-ares) affects versions 1.32.3–1.34.4 of the asynchronous resolver library. The issue is a use-after-free in read_answers() that can occur when process_answer() re-enqueues a query (e.g., due to DNS Cookie Failure or EDNS issues, or on TCP paths after a premature close). If an er...