Ubuntu 20.04 LTS USN-6376-1 Critical: c-ares Denial of Service Risk

ubuntu

September 18, 2023

c-ares could be made to crash if it received specially crafted network traffic.

Summary

c-ares could be made to crash if it received specially crafted network

traffic.

Software Description:

- c-ares: library for asynchronous name resolution

Details:

It was discovered that c-ares incorrectly parsed certain SOA replies. A

remote attacker could possibly use this issue to cause c-res to crash,

resulting in a denial of service.

Topics Covered

security advisory denial of service critical ubuntu network attack c-ares

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   libc-ares2                      1.15.0-1ubuntu0.4

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6376-1

CVE-2020-22217

Severity

critical

Lowest

Low

Medium

High

Critical

Ubuntu Security Notice USN-6376-1

Topics Covered

security advisory denial of service critical ubuntu network attack c-ares

Package Information

https://launchpad.net/ubuntu/+source/c-ares/1.15.0-1ubuntu0.4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Ubuntu 20.04 LTS USN-6376-1 Critical: c-ares Denial of Service Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Ubuntu 20.04 LTS USN-6376-1 Critical: c-ares Denial of Service Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!