Lucene search
PRIOn knowledge basePRION:CVE-2023-32067HistoryMay 25, 2023 - 11:15 p.m.
Code injection
2023-05-2523:15:00
PRIOn knowledge base
www.prio-n.com
7
c-ares library vulnerability
denial of service
udp packet
patched version
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.
| CPE | Name | Operator | Version |
|---|---|---|---|
| c-ares | lt | 1.19.1 | |
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| fedora | eq | 37 | |
| fedora | eq | 38 |
References
github.com/c-ares/c-ares/releases/tag/cares-1_19_1
github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
lists.debian.org/debian-lts-announce/2023/06/msg00034.html
lists.fedoraproject.org/archives/list/[email protected]/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/
lists.fedoraproject.org/archives/list/[email protected]/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/
security.gentoo.org/glsa/202310-09
www.debian.org/security/2023/dsa-5419
Related
nessus
nessus
RHEL 8 : c-ares (RHSA-2023:3665)
2023-06-19 00:00:00
Amazon Linux AMI : c-ares (ALAS-2023-1770)
2023-07-03 00:00:00
Oracle Linux 8 : c-ares (ELSA-2023-3584)
2023-06-15 00:00:00
osv
osv
Important: c-ares security update
2023-06-13 19:55:23
Important: c-ares security update
2023-06-13 00:00:00
Important: c-ares security update
2023-06-14 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2374)
2023-07-17 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2555)
2023-08-03 00:00:00
CentOS: Security Advisory for c-ares (CESA-2023:3741)
2023-07-30 00:00:00
oraclelinux
oraclelinux
c-ares security update
2023-06-15 00:00:00
c-ares security update
2023-06-13 00:00:00
c-ares security update
2023-06-22 00:00:00
centos
centos
c security update
2023-07-27 14:33:02
cve
cve
CVE-2023-32067
2023-05-25 23:15:09
rocky
rocky
c-ares security update
2023-06-13 19:55:23
c-ares security update
2023-06-24 18:52:42
nodejs:16 security update
2023-08-31 16:54:34
rosalinux
rosalinux
Advisory ROSA-SA-2023-2190
2023-07-18 11:12:56
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
nvd
nvd
CVE-2023-32067
2023-05-25 23:15:09
wolfi
wolfi
CVE-2023-32067 vulnerabilities
2024-07-03 09:08:38
redhat
redhat
(RHSA-2023:3584) Important: c-ares security update
2023-06-14 07:37:23
(RHSA-2023:3660) Important: c-ares security update
2023-06-19 07:54:36
(RHSA-2023:3677) Important: c-ares security update
2023-06-20 07:06:12
cbl_mariner
cbl_mariner
CVE-2023-32067 affecting package nodejs18 for versions less than 18.17.1-2
2023-09-27 18:02:50
CVE-2023-32067 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2023-32067 affecting package c-ares 1.19.0-1
2023-06-27 21:25:25
debiancve
debiancve
CVE-2023-32067
2023-05-25 23:15:09
almalinux
almalinux
Important: c-ares security update
2023-06-14 00:00:00
Important: c-ares security update
2023-06-13 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
f5
f5
K000135831 : Node.js vulnerability CVE-2023-32067
2023-08-12 00:00:00
cvelist
cvelist
CVE-2023-32067 0-byte UDP payload DoS in c-ares
2023-05-25 22:49:55
cgr
cgr
CVE-2023-32067 vulnerabilities
2024-05-19 03:07:16
amazon
amazon
Important: c-ares
2023-07-17 17:39:00
Important: c-ares
2023-06-21 19:11:00
ubuntucve
ubuntucve
CVE-2023-32067
2023-05-25 00:00:00
gitlab
gitlab
Uncontrolled Resource Consumption
2023-05-25 00:00:00
redhatcve
redhatcve
CVE-2023-32067
2023-05-24 04:41:38
debian
debian
[SECURITY] [DSA 5419-1] c-ares security update
2023-06-07 05:12:38
[SECURITY] [DLA 3471-1] c-ares security update
2023-06-26 19:47:35
ibm
ibm
ubuntu
ubuntu
c-ares vulnerabilities
2023-06-14 00:00:00
c-ares vulnerabilities
2023-09-11 00:00:00
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00