C-ares Crash Due to NULL Character in Configuration Files
CVE-2024-25629

4.4MEDIUM

Key Information:

Vendor: C-ares
Status: C-ares
Vendor: CVE Published:; 23 February 2024

What is CVE-2024-25629?

c-ares is a C library for asynchronous DNS requests. ares__read_line() is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded NULL character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.

Affected Version(s)

c-ares < 1.27.0

References

https://github.com/c-ares/c-ares/security/advisories/GHSA...

x_refsource_CONFIRM

https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8...

x_refsource_MISC

https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 23, 2024
Vulnerability Reserved
Feb 8, 2024