Lucene search
RedHatRHSA-2023:3665HistoryJun 19, 2023 - 12:55 p.m.
(RHSA-2023:3665) Important: c-ares security update
2023-06-1912:55:31
access.redhat.com
9
c-ares library
asynchronous dns
security update
denial of service
cvss score
cve-2023-32067
unix
references
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
48.7%
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
- c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | i686 | c-ares | < 1.13.0-5.el8_1.1 | c-ares-1.13.0-5.el8_1.1.i686.rpm |
| RedHat | 8 | i686 | c-ares-debuginfo | < 1.13.0-5.el8_1.1 | c-ares-debuginfo-1.13.0-5.el8_1.1.i686.rpm |
| RedHat | 8 | ppc64le | c-ares-debuginfo | < 1.13.0-5.el8_1.1 | c-ares-debuginfo-1.13.0-5.el8_1.1.ppc64le.rpm |
| RedHat | 8 | ppc64le | c-ares-devel | < 1.13.0-5.el8_1.1 | c-ares-devel-1.13.0-5.el8_1.1.ppc64le.rpm |
| RedHat | 8 | i686 | c-ares-devel | < 1.13.0-5.el8_1.1 | c-ares-devel-1.13.0-5.el8_1.1.i686.rpm |
| RedHat | 8 | x86_64 | c-ares-debugsource | < 1.13.0-5.el8_1.1 | c-ares-debugsource-1.13.0-5.el8_1.1.x86_64.rpm |
| RedHat | 8 | x86_64 | c-ares-debuginfo | < 1.13.0-5.el8_1.1 | c-ares-debuginfo-1.13.0-5.el8_1.1.x86_64.rpm |
| RedHat | 8 | ppc64le | c-ares-debugsource | < 1.13.0-5.el8_1.1 | c-ares-debugsource-1.13.0-5.el8_1.1.ppc64le.rpm |
| RedHat | 8 | x86_64 | c-ares | < 1.13.0-5.el8_1.1 | c-ares-1.13.0-5.el8_1.1.x86_64.rpm |
| RedHat | 8 | x86_64 | c-ares-devel | < 1.13.0-5.el8_1.1 | c-ares-devel-1.13.0-5.el8_1.1.x86_64.rpm |
Related
nessus
nessus
RHEL 8 : c-ares (RHSA-2023:3665)
2023-06-19 00:00:00
CBL Mariner 2.0 Security Update: c-ares / nodejs / fluent-bit / nodejs18 / grpc (CVE-2023-32067)
2024-07-03 00:00:00
Amazon Linux AMI : c-ares (ALAS-2023-1770)
2023-07-03 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2374)
2023-07-17 00:00:00
CentOS: Security Advisory for c-ares (CESA-2023:3741)
2023-07-30 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2555)
2023-08-03 00:00:00
osv
osv
Important: c-ares security update
2023-06-14 00:00:00
Important: c-ares security update
2023-06-13 19:55:23
Important: c-ares security update
2023-06-13 00:00:00
oraclelinux
oraclelinux
c-ares security update
2023-06-15 00:00:00
c-ares security update
2023-06-22 00:00:00
c-ares security update
2023-06-13 00:00:00
redos
redos
ROS-20240827-16
2024-08-27 00:00:00
centos
centos
c security update
2023-07-27 14:33:02
debiancve
debiancve
CVE-2023-32067
2023-05-25 23:15:09
redhat
redhat
(RHSA-2023:3660) Important: c-ares security update
2023-06-19 07:54:36
(RHSA-2023:3584) Important: c-ares security update
2023-06-14 07:37:23
(RHSA-2023:3677) Important: c-ares security update
2023-06-20 07:06:12
cbl_mariner
cbl_mariner
CVE-2023-32067 affecting package nodejs18 for versions less than 18.17.1-2
2023-09-27 18:02:50
CVE-2023-32067 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2023-32067 affecting package fluent-bit for versions less than 2.1.10-1
2023-11-08 02:07:28
rocky
rocky
c-ares security update
2023-06-24 18:52:42
c-ares security update
2023-06-13 19:55:23
nodejs:16 security update
2023-08-31 16:54:34
almalinux
almalinux
Important: c-ares security update
2023-06-14 00:00:00
Important: c-ares security update
2023-06-13 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
f5
f5
K000135831 : Node.js vulnerability CVE-2023-32067
2023-08-12 00:00:00
cvelist
cvelist
CVE-2023-32067 0-byte UDP payload DoS in c-ares
2023-05-25 22:49:55
cgr
cgr
CVE-2023-32067 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2023-32067
2023-05-25 00:00:00
amazon
amazon
Important: c-ares
2023-07-17 17:39:00
Important: c-ares
2023-06-21 19:11:00
gitlab
gitlab
Uncontrolled Resource Consumption
2023-05-25 00:00:00
redhatcve
redhatcve
CVE-2023-32067
2023-05-24 04:41:38
vulnrichment
vulnrichment
CVE-2023-32067 0-byte UDP payload DoS in c-ares
2023-05-25 22:49:55
prion
prion
Code injection
2023-05-25 23:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2190
2023-07-18 11:12:56
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
nvd
nvd
CVE-2023-32067
2023-05-25 23:15:09
cve
cve
CVE-2023-32067
2023-05-25 23:15:09
wolfi
wolfi
CVE-2023-32067 vulnerabilities
2024-09-28 21:12:41
ubuntu
ubuntu
c-ares vulnerabilities
2023-09-11 00:00:00
c-ares vulnerabilities
2023-06-14 00:00:00
debian
debian
[SECURITY] [DLA 3471-1] c-ares security update
2023-06-26 19:47:35
[SECURITY] [DSA 5419-1] c-ares security update
2023-06-07 05:12:38
ibm
ibm
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
48.7%
Related for RHSA-2023:3665