Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Ubuntu 20.10 USN-4638-1 Critical: c-ares DNS Denial Of Service Advisory

ubuntu
Calendar Grey November 19, 2020
Dist Ubuntu Esm H88
Debian Security Advisory DSA-4820-1 concerns a libcurl vulnerability enabling potential DoS via specially crafted HTTP requests.
c-ares could be made to denial of service if it received a specially crafted DNS request.

Summary

c-ares could be made to denial of service if it received a specially crafted

DNS request.

Software Description:

- c-ares: library for asynchronous name resolution

Details:

It was discovered that c-ares incorrectly handled certain DNS requests.

An attacker could possibly use this issue to cause a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  libc-ares2                      1.16.1-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4638-1

CVE-2020-8277

Severity
critical
Lowest
Low
Medium
High
Critical

November 19, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.