First published: Mon Sep 18 2023
Last modified: Mon Sep 18 2023
It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service.
The vulnerability ID for this c-ares vulnerability is CVE-2020-22217.
The c-ares vulnerability can result in a denial of service by causing c-ares to crash.
The affected software version is libc-ares2 1.15.0-1ubuntu0.4 on Ubuntu 20.04.
To fix the c-ares vulnerability, you should update libc-ares2 to version 1.15.0-1ubuntu0.4.
You can find more information about the c-ares vulnerability in the Ubuntu Security Notice USN-6376-1.