1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4638-1

[USN-4638-1] c-ares vulnerability

Severity High
Affected Packages 2
CVEs 1
Info Packages Vulnerabilities

c-ares could be made to denial of service if it received a specially crafted DNS request.

It was discovered that c-ares incorrectly handled certain DNS requests.
An attacker could possibly use this issue to cause a denial of service.

Package Affected Version
pkg:deb/ubuntu/libc-ares2?distro=groovy < 1.16.1-1ubuntu0.1
pkg:deb/ubuntu/libc-ares-dev?distro=groovy < 1.16.1-1ubuntu0.1
ID
USN-4638-1
Severity
high
Severity from
CVE-2020-8277
URL
https://ubuntu.com/security/notices/USN-4638-1
Published
2020-11-19T12:46:33
(3 years ago)
Modified
2020-11-19T12:46:33
(3 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/libc-ares2?distro=groovy ubuntu libc-ares2 < 1.16.1-1ubuntu0.1 groovy
Affected pkg:deb/ubuntu/libc-ares-dev?distro=groovy ubuntu libc-ares-dev < 1.16.1-1ubuntu0.1 groovy
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date