Lucene search
AlmaLinuxALSA-2023:3559HistoryJun 13, 2023 - 12:00 a.m.
Important: c-ares security update
2023-06-1300:00:00
errata.almalinux.org
7
c-ares
c library
security update
udp payload
denial of service
vulnerability
dns
cvss score
cve-2023-32067
references
impact
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
45.8%
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
- c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 9 | i686 | c-ares-devel | < 1.17.1-5.el9_2.1 | c-ares-devel-1.17.1-5.el9_2.1.i686.rpm |
| almalinux | 9 | x86_64 | c-ares-devel | < 1.17.1-5.el9_2.1 | c-ares-devel-1.17.1-5.el9_2.1.x86_64.rpm |
| almalinux | 9 | ppc64le | c-ares-devel | < 1.17.1-5.el9_2.1 | c-ares-devel-1.17.1-5.el9_2.1.ppc64le.rpm |
| almalinux | 9 | aarch64 | c-ares-devel | < 1.17.1-5.el9_2.1 | c-ares-devel-1.17.1-5.el9_2.1.aarch64.rpm |
| almalinux | 9 | s390x | c-ares-devel | < 1.17.1-5.el9_2.1 | c-ares-devel-1.17.1-5.el9_2.1.s390x.rpm |
| almalinux | 9 | i686 | c-ares | < 1.17.1-5.el9_2.1 | c-ares-1.17.1-5.el9_2.1.i686.rpm |
| almalinux | 9 | ppc64le | c-ares | < 1.17.1-5.el9_2.1 | c-ares-1.17.1-5.el9_2.1.ppc64le.rpm |
| almalinux | 9 | s390x | c-ares | < 1.17.1-5.el9_2.1 | c-ares-1.17.1-5.el9_2.1.s390x.rpm |
| almalinux | 9 | aarch64 | c-ares | < 1.17.1-5.el9_2.1 | c-ares-1.17.1-5.el9_2.1.aarch64.rpm |
| almalinux | 9 | x86_64 | c-ares | < 1.17.1-5.el9_2.1 | c-ares-1.17.1-5.el9_2.1.x86_64.rpm |
Related
osv
osv
Important: c-ares security update
2023-06-14 00:00:00
Important: c-ares security update
2023-06-13 19:55:23
Important: c-ares security update
2023-06-13 00:00:00
oraclelinux
oraclelinux
c-ares security update
2023-06-15 00:00:00
c-ares security update
2023-06-13 00:00:00
c-ares security update
2023-06-22 00:00:00
nessus
nessus
Amazon Linux AMI : c-ares (ALAS-2023-1770)
2023-07-03 00:00:00
Oracle Linux 8 : c-ares (ELSA-2023-3584)
2023-06-15 00:00:00
RHEL 8 : c-ares (RHSA-2023:3665)
2023-06-19 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2374)
2023-07-17 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2555)
2023-08-03 00:00:00
CentOS: Security Advisory for c-ares (CESA-2023:3741)
2023-07-30 00:00:00
centos
centos
c security update
2023-07-27 14:33:02
cve
cve
CVE-2023-32067
2023-05-25 23:15:09
rocky
rocky
c-ares security update
2023-06-13 19:55:23
c-ares security update
2023-06-24 18:52:42
nodejs:16 security update
2023-08-31 16:54:34
prion
prion
Code injection
2023-05-25 23:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2190
2023-07-18 11:12:56
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
nvd
nvd
CVE-2023-32067
2023-05-25 23:15:09
wolfi
wolfi
CVE-2023-32067 vulnerabilities
2024-07-04 03:08:38
redhat
redhat
(RHSA-2023:3584) Important: c-ares security update
2023-06-14 07:37:23
(RHSA-2023:3660) Important: c-ares security update
2023-06-19 07:54:36
(RHSA-2023:3677) Important: c-ares security update
2023-06-20 07:06:12
cbl_mariner
cbl_mariner
CVE-2023-32067 affecting package nodejs18 for versions less than 18.17.1-2
2023-09-27 18:02:50
CVE-2023-32067 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2023-32067 affecting package c-ares 1.19.0-1
2023-06-27 21:25:25
debiancve
debiancve
CVE-2023-32067
2023-05-25 23:15:09
almalinux
almalinux
Important: c-ares security update
2023-06-14 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
Important: nodejs:16 security update
2023-07-12 00:00:00
f5
f5
K000135831 : Node.js vulnerability CVE-2023-32067
2023-08-12 00:00:00
cvelist
cvelist
CVE-2023-32067 0-byte UDP payload DoS in c-ares
2023-05-25 22:49:55
cgr
cgr
CVE-2023-32067 vulnerabilities
2024-05-19 03:07:16
amazon
amazon
Important: c-ares
2023-07-17 17:39:00
Important: c-ares
2023-06-21 19:11:00
ubuntucve
ubuntucve
CVE-2023-32067
2023-05-25 00:00:00
gitlab
gitlab
Uncontrolled Resource Consumption
2023-05-25 00:00:00
redhatcve
redhatcve
CVE-2023-32067
2023-05-24 04:41:38
debian
debian
[SECURITY] [DLA 3471-1] c-ares security update
2023-06-26 19:47:35
[SECURITY] [DSA 5419-1] c-ares security update
2023-06-07 05:12:38
ubuntu
ubuntu
c-ares vulnerabilities
2023-09-11 00:00:00
c-ares vulnerabilities
2023-06-14 00:00:00
ibm
ibm
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
45.8%
Related for ALSA-2023:3559