Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
c-ares has a use-after-free in read_answers()
Vulnerability Description
c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in read_answers() when process_answer() may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed the connection immediately after a response. If there was an issue trying to put that new transaction on the wire, it would close the connection handle, but read_answers() was still expecting the connection handle to be available to possibly dequeue other responses. In theory a remote attacker might be able to trigger this by flooding the target with ICMP UNREACHABLE packets if they also control the upstream nameserver and can return a result with one of those conditions, this has been untested. Otherwise only a local attacker might be able to change system behavior to make send()/write() return a failure condition. This vulnerability is fixed in 1.34.5.
CVSS Information
N/A
Vulnerability Type
释放后使用
Vulnerability Title
c-ares 资源管理错误漏洞
Vulnerability Description
c-ares是c-ares个人开发者的一个用于异步 DNS 请求的 C 库。 c-ares 1.32.3版本至1.34.4版本存在资源管理错误漏洞,该漏洞源于释放后重用,可能导致远程攻击者触发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A