- Vulnerability/
- USN-6376-1
USN-6376-1: c-ares vulnerability
First published: Mon Sep 18 2023(Updated: )
It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libc-ares2 | <1.15.0-1ubuntu0.4 | 1.15.0-1ubuntu0.4 |
| Ubuntu | =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this c-ares vulnerability?
The vulnerability ID for this c-ares vulnerability is CVE-2020-22217.
What is the impact of the c-ares vulnerability?
The c-ares vulnerability can result in a denial of service by causing c-ares to crash.
Which software versions are affected by this c-ares vulnerability?
The affected software version is libc-ares2 1.15.0-1ubuntu0.4 on Ubuntu 20.04.
How can I fix the c-ares vulnerability?
To fix the c-ares vulnerability, you should update libc-ares2 to version 1.15.0-1ubuntu0.4.
Where can I find more information about the c-ares vulnerability?
You can find more information about the c-ares vulnerability in the Ubuntu Security Notice USN-6376-1.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/title
- agent/description
- agent/references
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu
- version/ubuntu/20.04