Showing 1 - 22 of 22

CVE-2023-32067

Status Candidate

Overview

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection. This issue has been patched in version 1.19.1.

Related Files

Gentoo Linux Security Advisory 202310-09: Posted Oct 9, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202310-9 - Multiple vulnerabilities have been discovered in c-ares the worst of which could result in Denial of Service. Versions greater than or equal to 1.19.1 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | dba467e1cac9309374c23a8d2f24d647cbf257865cdcc88db8600f113e7af9c7; Download | Favorite | View

Ubuntu Security Notice USN-6164-2: Posted Sep 12, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6164-2 - USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, ubuntu; advisories | CVE-2023-31130, CVE-2023-32067; SHA-256 | 008778f8349168613c9ea3309b75435d9c5183c9a80a91bcaab9013c577de116; Download | Favorite | View

Red Hat Security Advisory 2023-4090-01: Posted Jul 21, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-41717, CVE-2022-41723, CVE-2023-1260, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-27561, CVE-2023-29400, CVE-2023-3089, CVE-2023-32067; SHA-256 | 8f5d9de3dfbb5da2c5485d166d318d17bf75bee68e81bf76bb2233dc62e6de75; Download | Favorite | View

Red Hat Security Advisory 2023-4039-01: Posted Jul 12, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4039-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | 79c745dae0e4a96887a92346201fafff379f8553e65ad01401ec7cb0436a84c6; Download | Favorite | View

Red Hat Security Advisory 2023-4034-01: Posted Jul 12, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4034-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | 4a5158a0332de2f9544f7ef4fb9f874620df54c370aaefcae4faec249535a8a1; Download | Favorite | View

Red Hat Security Advisory 2023-4033-01: Posted Jul 12, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4033-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | 769605a7ad35f0daf38e521bc2fa72daec355ff0f28a65f5298d1651be8c9b52; Download | Favorite | View

Red Hat Security Advisory 2023-4036-01: Posted Jul 12, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4036-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | 8d61165472772112c3e82bb47d7e6b7af07d15f2baa367f1ea11df1f38d219ba; Download | Favorite | View

Red Hat Security Advisory 2023-4035-01: Posted Jul 12, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4035-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-4904, CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | b2a625f052f26d493dd20d4b4e6799bb0b54fd62b19e9cf1c70573ba4694f509; Download | Favorite | View

Red Hat Security Advisory 2023-3915-01: Posted Jul 6, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-32149, CVE-2022-32190, CVE-2022-41715, CVE-2023-1370, CVE-2023-24329, CVE-2023-24540, CVE-2023-3089, CVE-2023-32067; SHA-256 | 983f22c13da7ac7e8ade2bd73150add682db932fc974bb432e054a1cc890dd94; Download | Favorite | View

Red Hat Security Advisory 2023-3943-01: Posted Jun 30, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3943-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2020-24736, CVE-2022-27191, CVE-2022-41723, CVE-2023-1667, CVE-2023-2283, CVE-2023-24329, CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-26604, CVE-2023-32067; SHA-256 | 12a54616440b7d99d35b629e1ac2d1c4e4871805c65bd8ab7f7436bab130e12e; Download | Favorite | View

Red Hat Security Advisory 2023-3741-01: Posted Jun 22, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3741-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | 8783d76c406bb3dbdd7902bd839ae0f4e25d1290d7045d5be51a4596aef627db; Download | Favorite | View

Red Hat Security Advisory 2023-3677-01: Posted Jun 20, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3677-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | df3019a9bc571413a0cbd1c0fd6736455a251fe74c90fe3371221edf14674e30; Download | Favorite | View

Red Hat Security Advisory 2023-3665-01: Posted Jun 20, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3665-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | 2e867c67c5f98499e1dce78e9b0e51555d7eb9779465fc07406eb574cde61012; Download | Favorite | View

Red Hat Security Advisory 2023-3662-01: Posted Jun 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3662-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | c47f3f8f3d3487557786186920d8a97082e33197daf8c53bbc9c079d8e9775cb; Download | Favorite | View

Red Hat Security Advisory 2023-3660-01: Posted Jun 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3660-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | 22d290497bf4243b478e6c25a13228fe5466ce6572796b1d1e2a838680a094fb; Download | Favorite | View

Ubuntu Security Notice USN-6164-1: Posted Jun 16, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6164-1 - Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service.; tags | advisory, remote, denial of service, arbitrary, udp; systems | linux, ubuntu; advisories | CVE-2023-31130, CVE-2023-32067; SHA-256 | 0112dec7e71722ec1f679b97f759de4ebeaead0ca6d25c4fc1e459e5fa65bb9f; Download | Favorite | View

Red Hat Security Advisory 2023-3586-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3586-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | cd4836854f4f775475d105d160dc74d3d6d2a94064a9e9a21552165de3fde258; Download | Favorite | View

Red Hat Security Advisory 2023-3577-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3577-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067; SHA-256 | 42e13d3b9fc3ea0f87ad33e7b800d31ef4f26dfb6121410a6541791c97587b15; Download | Favorite | View

Red Hat Security Advisory 2023-3583-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3583-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | 9b52aaac22f2fb5dda3530aed7d509dfd4e2908b442c9b45445f70a9a721c84f; Download | Favorite | View

Red Hat Security Advisory 2023-3584-01: Posted Jun 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3584-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | b0f89d894afad4f8e831920c8b838bc3b3c18c2dd2103d301e967145363b3bdf; Download | Favorite | View

Red Hat Security Advisory 2023-3559-01: Posted Jun 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-3559-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-32067; SHA-256 | e7b3fa4723f0ecc51167092851d1f9757ebbdbb8ef7e14db842e5ecff5f6aab5; Download | Favorite | View

Debian Security Advisory 5419-1: Posted Jun 7, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2023-31130, CVE-2023-32067; SHA-256 | 1e9e9de47625e97e419ed5fbee008a7603b1295dcf08d757bc8c853b1c3aac6a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2023-32067

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems