Vojtechvobr

#34584 of 53,635
7.5 Total CVSS
Vulnerabilities · 1
PT-2024-1920
7.5
2024-02-23
C-Ares · C-Ares · CVE-2024-25629
**Name of the Vulnerable Software and Affected Versions**

c-ares versions prior to 1.27.0

**Description**

The issue is in the `ares__read_line()` function of the c-ares library, which is used for asynchronous DNS requests. This function parses local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and, in c-ares versions prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character of a new line, the function can attempt to read memory prior to the start of the given buffer, which may result in a crash. This can be exploited to cause a denial of service.

**Recommendations**

For c-ares versions prior to 1.27.0, update to version 1.27.0 to fix the issue. As a temporary workaround, consider restricting access to the configuration files to prevent exploitation. Avoid using configuration files with embedded `NULL` characters.
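The bug class described above, shown as an added example rather than c-ares source code: a newline-stripping helper that indexes `len - 1` without checking for an empty string, its hardened form, and a check that flags a configuration file image containing a line that starts with a zero byte. All function names and sample data are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Unsafe pattern, shown for contrast and never called here: if the line's
 * first byte is 0, strlen() returns 0 and buf[len - 1] reads the byte
 * located before the start of the buffer. */
void strip_newline_unsafe(char *buf)
{
    size_t len = strlen(buf);
    if (buf[len - 1] == '\n')
        buf[len - 1] = '\0';
}

/* Hardened form: reject the zero-length case before indexing len - 1.
 * Returns the length of the line after stripping. */
size_t strip_newline_safe(char *buf)
{
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n')
        buf[--len] = '\0';
    return len;
}

/* Audit helper for a config file already read into memory: returns the
 * 1-based number of the first line that begins with a zero byte, or 0
 * if no line does. Zero bytes in the middle of a line are not reported. */
size_t first_nul_led_line(const unsigned char *data, size_t n)
{
    size_t line = 1;
    int at_line_start = 1;
    for (size_t i = 0; i < n; i++) {
        if (at_line_start && data[i] == 0)
            return line;
        at_line_start = (data[i] == '\n');
        if (at_line_start)
            line++;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: second line starts with a zero byte. */
    static const unsigned char sample[] = "nameserver 192.0.2.1\n\0options\n";
    printf("first bad line: %zu\n",
           first_nul_led_line(sample, sizeof(sample) - 1));
    return 0;
}
```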