18 matches found
OPENSUSE-SU-2026:20698-1 Security update for c-ares
This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...
SUSE-SU-2026:21584-1 Security update for c-ares
This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...
SUSE-SU-2026:21574-1 Security update for c-ares
This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...
Security Bulletin: Use-After-Free Vulnerability in c-ares read_answers() Function (v1.32.3–v1.34.4) affects watsonx.data
Summary CVE-2025-31498 - A use-after-free vulnerability exists in c-ares v1.32.3–v1.34.4 within the readanswers function. It can occur when processanswer re-enqueues queries under certain DNS conditions, potentially leading to crashes or unexpected behavior. This can affect watsonx.data...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...
MiracleLinux 9 : nodejs:22 (AXSA:2025-10479:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10479:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
c-ares: c-ares has a use-after-free in read_answers()
A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...
Medium: nodejs20
Issue Overview: c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if t...
c-ares has a use-after-free in read_answers()
...
SUSE CVE-2025-31498
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...
DEBIAN-CVE-2025-31498
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...
ALPINE-CVE-2025-31498
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...
UBUNTU-CVE-2025-31498
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...