22.Lock ScreenEffect Esm W900

Several important security vulnerabilities have been found in the c-ares fork of the ares library, including a 0-byte UDP payload denial of service (DoS) bug (CVE-2023-32067). With low attack complexity, no privileges or user interaction required to exploit, and a high availability impact, this flaw has received a National Vulnerability Database (NVD) base score of 7.5 out of 10 (“High” severity).

These issues could lead to downtime due to loss of access to impacted systems. 

An important update for c-ares that mitigates these bugs has been released. We urge all impacted users to apply the c-ares updates issued by their distro(s) immediately to protect the availability of their critical systems.

To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.

Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).