MGASA-2017-0215

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-1000381

Published: 23 Jul 2017, 19:58

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Jul 2017, 19:58

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated c-ares packages fix security vulnerability The c-ares function ares_parse_naptr_reply(), which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way (CVE-2017-1000381).

Affected Systems

mageia•c-ares
< 1.10.0-5.2.mga5

References (3)

https://advisories.mageia.org/MGASA-2017-0215.html
https://bugs.mageia.org/show_bug.cgi?id=21115
https://c-ares.haxx.se/adv_20170620.html