Lucene search
RedHatRHSA-2023:6291HistoryNov 02, 2023 - 3:39 p.m.
(RHSA-2023:6291) Moderate: c-ares security update
2023-11-0215:39:01
access.redhat.com
27
c-ares c library
buffer overflow
security update
dns requests
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
- c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | i686 | c-ares-debuginfo | < 1.17.1-5.el9_0.2 | c-ares-debuginfo-1.17.1-5.el9_0.2.i686.rpm |
| RedHat | 9 | ppc64le | c-ares-debugsource | < 1.17.1-5.el9_0.2 | c-ares-debugsource-1.17.1-5.el9_0.2.ppc64le.rpm |
| RedHat | 9 | i686 | c-ares | < 1.17.1-5.el9_0.2 | c-ares-1.17.1-5.el9_0.2.i686.rpm |
| RedHat | 9 | aarch64 | c-ares | < 1.17.1-5.el9_0.2 | c-ares-1.17.1-5.el9_0.2.aarch64.rpm |
| RedHat | 9 | s390x | c-ares-devel | < 1.17.1-5.el9_0.2 | c-ares-devel-1.17.1-5.el9_0.2.s390x.rpm |
| RedHat | 9 | s390x | c-ares-debuginfo | < 1.17.1-5.el9_0.2 | c-ares-debuginfo-1.17.1-5.el9_0.2.s390x.rpm |
| RedHat | 9 | ppc64le | c-ares-devel | < 1.17.1-5.el9_0.2 | c-ares-devel-1.17.1-5.el9_0.2.ppc64le.rpm |
| RedHat | 9 | ppc64le | c-ares | < 1.17.1-5.el9_0.2 | c-ares-1.17.1-5.el9_0.2.ppc64le.rpm |
| RedHat | 9 | x86_64 | c-ares-debuginfo | < 1.17.1-5.el9_0.2 | c-ares-debuginfo-1.17.1-5.el9_0.2.x86_64.rpm |
| RedHat | 9 | x86_64 | c-ares-devel | < 1.17.1-5.el9_0.2 | c-ares-devel-1.17.1-5.el9_0.2.x86_64.rpm |
Related
nessus
nessus
EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2023-1970)
2023-05-18 00:00:00
EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2023-2013)
2023-06-02 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : c-ares vulnerability (USN-5907-1)
2023-03-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-4904 affecting package nodejs for versions less than 16.20.1-2
2023-08-03 02:51:21
CVE-2022-4904 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2022-4904 affecting package nodejs 14.21.3-1
2024-07-02 03:08:33
openvas
openvas
Fedora: Security Advisory for c-ares (FEDORA-2023-30e81e5293)
2023-03-08 00:00:00
Debian: Security Advisory (DLA-3323-1)
2023-02-19 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-1970)
2023-05-18 00:00:00
osv
osv
c-ares vulnerability
2023-03-02 12:48:30
c-ares - security update
2023-02-18 00:00:00
Moderate: c-ares security update
2023-11-14 00:00:00
ubuntucve
ubuntucve
CVE-2022-4904
2023-02-15 00:00:00
redos
redos
ROS-20230316-01
2023-03-16 00:00:00
almalinux
almalinux
Moderate: c-ares security update
2023-11-14 00:00:00
Moderate: c-ares security, bug fix, and enhancement update
2023-11-07 00:00:00
Important: nodejs:18 security update
2023-07-12 00:00:00
debian
debian
[SECURITY] [DLA 3323-1] c-ares security update
2023-02-18 22:55:21
ubuntu
ubuntu
c-ares vulnerability
2023-03-02 00:00:00
prion
prion
Stack overflow
2023-03-06 23:15:00
fedora
fedora
[SECURITY] Fedora 37 Update: c-ares-1.19.0-1.fc37
2023-02-23 02:21:41
[SECURITY] Fedora 36 Update: c-ares-1.19.0-1.fc36
2023-03-08 01:22:23
mageia
mageia
Updated c-ares packages fix security vulnerability
2023-02-27 23:27:16
cvelist
cvelist
CVE-2022-4904
2023-03-06 00:00:00
redhat
redhat
(RHSA-2023:7368) Moderate: c-ares security update
2023-11-21 08:12:35
(RHSA-2023:7116) Moderate: c-ares security update
2023-11-14 08:45:36
(RHSA-2023:7543) Moderate: c-ares security update
2023-11-28 14:46:18
oraclelinux
oraclelinux
c-ares security update
2023-11-17 00:00:00
c-ares security, bug fix, and enhancement update
2023-11-11 00:00:00
nodejs:18 security update
2023-07-19 00:00:00
f5
f5
K000138651: c-ares vulnerability CVE-2022-4904
2024-02-19 00:00:00
debiancve
debiancve
CVE-2022-4904
2023-03-06 23:15:11
amazon
amazon
Medium: c-ares
2023-07-05 21:44:00
Medium: c-ares
2024-01-03 21:04:00
nvd
nvd
CVE-2022-4904
2023-03-06 23:15:11
redhatcve
redhatcve
CVE-2022-4904
2023-02-15 10:29:26
cve
cve
CVE-2022-4904
2023-03-06 23:15:11
gitlab
gitlab
Improper Input Validation
2023-03-06 00:00:00
ibm
ibm
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0552
2023-03-17 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0365
2023-03-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
rocky
rocky
nodejs:18 security update
2023-08-31 16:54:34
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-05-25 19:53:09
nodejs:14 security, bug fix, and enhancement update
2023-04-26 15:28:13
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2024-01-05 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47