What is the vulnerability ID for this c-ares vulnerability?

The vulnerability ID for this c-ares vulnerability is CVE-2020-22217.

What is the impact of the c-ares vulnerability?

The c-ares vulnerability can result in a denial of service by causing c-ares to crash.

Which software versions are affected by this c-ares vulnerability?

The affected software version is libc-ares2 1.15.0-1ubuntu0.4 on Ubuntu 20.04.

How can I fix the c-ares vulnerability?

To fix the c-ares vulnerability, you should update libc-ares2 to version 1.15.0-1ubuntu0.4.

Where can I find more information about the c-ares vulnerability?

You can find more information about the c-ares vulnerability in the Ubuntu Security Notice USN-6376-1.

vuln-group

USN-6376-1

USN-6376-1: c-ares vulnerability

First published: Mon Sep 18 2023

Last modified: Mon Sep 18 2023

It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service.

Any of

All of
- ubuntu/libc-ares2
  <1.15.0-1ubuntu0.4
  fixed in: 1.15.0-1ubuntu0.4
- Ubuntu Ubuntu
  20.04

FAQ

What is the vulnerability ID for this c-ares vulnerability?
The vulnerability ID for this c-ares vulnerability is CVE-2020-22217.
What is the impact of the c-ares vulnerability?
The c-ares vulnerability can result in a denial of service by causing c-ares to crash.
Which software versions are affected by this c-ares vulnerability?
The affected software version is libc-ares2 1.15.0-1ubuntu0.4 on Ubuntu 20.04.
How can I fix the c-ares vulnerability?
To fix the c-ares vulnerability, you should update libc-ares2 to version 1.15.0-1ubuntu0.4.
Where can I find more information about the c-ares vulnerability?
You can find more information about the c-ares vulnerability in the Ubuntu Security Notice USN-6376-1.

Reference Links

collector/usn
package-manager/ubuntu
vendor/ubuntu
product/ubuntu
canonical/ubuntu ubuntu

Child vulnerabilities

CVE-2020-22217