Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-12248

CVE-2022-4904 c-ares: buffer overflow in config_sortlist() due to missing string length check [rhel-8]

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Normal Normal
    • rhel-8.9.0
    • rhel-8.8.0
    • c-ares
    • c-ares-1.13.0-7.el8
    • None
    • Moderate
    • ZStream
    • rhel-sst-idm-sssd
    • ssg_idm
    • 0
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Release Note Not Required
    • Unspecified
    • None

      rhel-8 tracking bug for c-ares: see the bugs linked in the "Blocks" field of this bug for full details of the security issue(s).

      This bug is never intended to be made public, please put any public notes in the blocked bugs.

      Impact: Moderate
      Reported Date: 09-Feb-2023
      PM Fix/Wontfix Decision By: 19-Mar-2023
      Resolve Bug By: 08-Aug-2023

      In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.

      Please review this tracker and its impact on your product or service, as soon as possible. The trackers are filed WITHOUT in-depth analysis as the vulnerability has a Low or Moderate severity impact on this product or service. For more details, please refer to following confluence page - https://docs.engineering.redhat.com/x/3e_3EQ

      Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9kKpDw

      For the Enterprise Linux security issues handling process overview see:
      https://source.redhat.com/groups/public/product-security/content/product_security_wiki/eus_z_stream_and_security_bugs

              atikhono@redhat.com Alexey Tikhonov
              mrehak@redhat.com Marian Rehak
              Alexey Tikhonov Alexey Tikhonov
              SSSD QE SSSD QE
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: