PT-2024-1920 · C-Ares+9

Vojtechvobr · Published 2024-02-23 · Updated 2025-09-29 · CVE-2024-25629

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: c-ares versions prior to 1.27.0

Description: The issue is in the ares__read_line() function of the c-ares library, which is used for asynchronous DNS requests. This function parses local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and, if a c-ares version prior to 1.27.0 is in use, the /etc/hosts file. If any of these configuration files contains an embedded NULL character as the first character of a new line, the function may attempt to read memory before the start of the given buffer, which can result in a crash. This can be exploited to cause a denial of service.

Recommendations: For c-ares versions prior to 1.27.0, update to version 1.27.0 to fix the issue. As a temporary workaround, consider restricting access to the configuration files to prevent exploitation. Avoid using configuration files with embedded NULL characters.
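As an added illustration (this is not c-ares' own code), the following program scans the configuration files named in the description for the trigger condition, an embedded NUL byte, using a length-tracked loop so the NUL stays visible, and shows a newline-strip routine with the empty-string guard that a first-byte NUL requires. The default file list is taken from the description; the 64 KiB read limit is an assumption.

```c
/* Added example, not c-ares code: find embedded NUL bytes in resolver config files. */
#include <stdio.h>
#include <string.h>

/* Strip a trailing newline in place; returns the remaining length. strlen()
 * stops at the first NUL, so a line whose first byte is NUL gives len == 0;
 * without the len > 0 guard, line[len - 1] would read before the buffer. */
size_t chomp_line(char *line)
{
    size_t len = strlen(line);
    if (len > 0 && line[len - 1] == '\n')
        line[--len] = '\0';
    return len;
}

/* Length-tracked scan, so NULs stay visible: returns the 1-based line number
 * of the first NUL byte in buf[0..n), or 0 if there is none. */
size_t first_nul_line(const char *buf, size_t n)
{
    size_t line = 1;
    for (size_t i = 0; i < n; i++) {
        if (buf[i] == '\0')
            return line;
        if (buf[i] == '\n')
            line++;
    }
    return 0;
}

/* Check each file given on the command line, defaulting to the files named
 * in the advisory. Assumption: these files fit in 64 KiB; longer files are
 * only checked up to that limit. */
int main(int argc, char **argv)
{
    static char buf[65536];
    const char *defaults[] = {"/etc/resolv.conf", "/etc/nsswitch.conf", "/etc/hosts"};
    int count = argc > 1 ? argc - 1 : 3;
    for (int i = 0; i < count; i++) {
        const char *path = argc > 1 ? argv[i + 1] : defaults[i];
        FILE *f = fopen(path, "rb");
        if (!f) { printf("%s: cannot open\n", path); continue; }
        size_t n = fread(buf, 1, sizeof buf, f);
        fclose(f);
        size_t line = first_nul_line(buf, n);
        if (line) printf("%s: embedded NUL byte on line %zu\n", path, line);
        else printf("%s: clean\n", path);
    }
    return 0;
}
```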

Exploit · Fix · DoS · Out of bounds Read

Weakness Enumeration

Related Identifiers

ALSA-2024:2778
ALSA-2024:2779
ALSA-2024:2780
ALSA-2024:2853
ALSA-2024:2910
ALSA-2024:3842
ALSA-2024:4249
ALSA-2024_2778
ALSA-2024_2779
ALSA-2024_2780
ALSA-2024_2853
ALSA-2024_2910
ALSA-2024_3842
ALSA-2024_4249
ALSA-2025_16880
AZL-34453
AZL-34455
AZL-34456
AZL-34462
AZL-34463
AZL-34578
AZL-34687
AZL-35048
AZL-35132
AZL-38126
AZL-43501
BDU:2024-01708
CESA-2024_2778
CESA-2024_2780
CESA-2024_4249
CVE-2024-25629
GHSA-MG26-V6QH-X48Q
INFSA-2024_2779
INFSA-2024_2853
INFSA-2024_2910
INFSA-2024_3842
INFSA-2024_4249
MGASA-2024-0051
OESA-2024-2019
OESA-2024-2020
OESA-2024-2021
OPENSUSE-SU-2024:13722-1
OPENSUSE-SU-2024_1136-1
RHSA-2024:2778
RHSA-2024:2779
RHSA-2024:2780
RHSA-2024:2853
RHSA-2024:2910
RHSA-2024:3842
RHSA-2024:4249
RHSA-2024:4559
RHSA-2024:4721
RHSA-2024_2778
RHSA-2024_2779
RHSA-2024_2780
RHSA-2024_2853
RHSA-2024_2910
RHSA-2024_3842
RHSA-2024_4249
RLSA-2024:2778
RLSA-2024:2779
RLSA-2024:2780
RLSA-2024:2853
RLSA-2024:2910
SUSE-SU-2024:1135-1
SUSE-SU-2024:1136-1
SUSE-SU-2024:1136-2
SUSE-SU-2024_1135-1
SUSE-SU-2024_1136-1
USN-6676-1

Affected Products

AlmaLinux
CentOS
Debian
Linux Mint
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
c-ares