CVE-2024-25629: c-ares out of bounds read in ares__read_line()
First published: Fri Feb 23 2024(Updated: )
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/c-ares | <=1.14.0-1+deb10u1<=1.14.0-1+deb10u4<=1.17.1-1+deb11u3<=1.18.1-3 | 1.27.0-1 |
| ubuntu/c-ares | <1.14.0-1ubuntu0.2+ | 1.14.0-1ubuntu0.2+ |
| ubuntu/c-ares | <1.15.0-1ubuntu0.5 | 1.15.0-1ubuntu0.5 |
| ubuntu/c-ares | <1.18.1-1ubuntu0.22.04.3 | 1.18.1-1ubuntu0.22.04.3 |
| ubuntu/c-ares | <1.19.1-3ubuntu0.1 | 1.19.1-3ubuntu0.1 |
| ubuntu/c-ares | <1.27.0 | 1.27.0 |
| ubuntu/c-ares | <1.10.0-3ubuntu0.2+ | 1.10.0-3ubuntu0.2+ |
| redhat/c-ares | <1.27.0 | 1.27.0 |
| IBM Cognos Analytics | <=12.0.0-12.0.3 | |
| IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 | |
| F5 Traffix Systems Signaling Delivery Controller | >=5.1.0<=5.2.0 | |
| c-ares | <1.27.0 | |
| Fedora | =38 | |
| Fedora | =39 | |
| Fedora | =40 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q
- https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183
- https://security-tracker.debian.org/tracker/CVE-2024-25629
- https://launchpad.net/bugs/cve/CVE-2024-25629
- https://ubuntu.com/security/notices/USN-6676-1
- https://www.cve.org/CVERecord?id=CVE-2024-25629
- https://nvd.nist.gov/vuln/detail/CVE-2024-25629
- https://ubuntu.com/security/CVE-2024-25629
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P76QYINQNPEHUTEEDOUYIRZ2X6UVZ5K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSCMTSPDIE2UHU34TIXQQHZ6JTE3Y3VF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GX37LFPFQ3T6FFMMFYQTEGIQXXN7F27U/
- https://my.f5.com/manage/s/article/K000141051
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2265714
- https://access.redhat.com/errata/RHSA-2024:2779
- https://access.redhat.com/errata/RHSA-2024:2778
- https://access.redhat.com/errata/RHSA-2024:2780
- https://access.redhat.com/errata/RHSA-2024:2853
- https://access.redhat.com/errata/RHSA-2024:2910
- https://access.redhat.com/errata/RHSA-2024:3842
- https://access.redhat.com/errata/RHSA-2024:4249
- https://access.redhat.com/errata/RHSA-2024:4559
- https://access.redhat.com/errata/RHSA-2024:4721
- https://bugzilla.redhat.com/show_bug.cgi?id=2265713
- https://www.ibm.com/support/pages/node/7177223 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-25629?
CVE-2024-25629 has been assigned a severity rating that indicates potential exploitation could lead to significant security risks.
How do I fix CVE-2024-25629?
To fix CVE-2024-25629, update c-ares to version 1.27.0 or later.
Which software is affected by CVE-2024-25629?
CVE-2024-25629 affects multiple versions of the c-ares library across various operating systems and products.
What are the potential risks associated with CVE-2024-25629?
The risks include potential exploitation of vulnerabilities in DNS request handling, which could lead to data exposure or system compromise.
Is there a specific patch for CVE-2024-25629?
Yes, patches are available for various distributions, including updates for Ubuntu and Debian to resolve CVE-2024-25629.
- collector/oss-sec
- source/oss-sec
- alias/CVE-2024-25629
- agent/title
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-cve
- source/NVD
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/usn-cve
- source/Ubuntu
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- collector/ibm-support
- source/IBM
- agent/references
- agent/description
- agent/trending
- agent/source
- collector/f5-advisory
- source/F5
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- package-manager/debian
- package-manager/ubuntu
- package-manager/redhat
- vendor/ibm
- canonical/ibm cognos analytics
- version/ibm cognos analytics/12.0.0-12.0.3
- version/ibm cognos analytics/11.2.0-11.2.4 fp4
- vendor/f5
- canonical/f5 traffix systems signaling delivery controller
- version/f5 traffix systems signaling delivery controller/5.1.0
- version/f5 traffix systems signaling delivery controller/5.2.0
- vendor/c-ares
- canonical/c-ares
- vendor/fedoraproject
- canonical/fedora
- version/fedora/38
- version/fedora/39
- version/fedora/40