c-ares CVE-2024-25629

c-ares CVE-2024-25629

Open Source Security [[{„value“:“

Posted by Brad House on Feb 23

There is a single security vulnerability in c-ares that has been
released with c-ares 1.27.0.

*CVE-2024-25629 *

Impact

|ares__read_line()|is used to parse local configuration files such
as|/etc/resolv.conf|,|/etc/nsswitch.conf|, the|HOSTALIASES|file, and if
using a c-ares version prior to 1.22.0, the|/etc/hosts|file. If any of
these configuration files has an embedded|NULL|character as the first
character in a new line, it can lead…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert