Bug 2209497 (CVE-2023-31130)

Summary: CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton()
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: atikhono, hhorak, jorton, nodejs-maint
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in c-ares. This issue occurs in the ares_inet_net_pton() function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which would require an administrator to configure such an address via ares_set_sortlist().
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2209539, 2209540, 2209541, 2209542, 2209543, 2209545, 2209546, 2209547, 2209548, 2209554, 2209556, 2209557, 2209558, 2209559, 2209561, 2211045, 2211046, 2211047, 2211048, 2211049, 2212436, 2212437, 2214630    
Bug Blocks: 2209110    

Description Sandipan Roy 2023-05-24 03:56:29 UTC 
ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist().

CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() (https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v)
Comment 1 Sandipan Roy 2023-05-24 04:23:00 UTC 
Created c-ares tracking bugs for this issue:

Affects: fedora-all [bug 2209542]


Created mingw-c-ares tracking bugs for this issue:

Affects: fedora-all [bug 2209543]


Created nodejs tracking bugs for this issue:

Affects: epel-7 [bug 2209539]


Created nodejs16 tracking bugs for this issue:

Affects: fedora-38 [bug 2209548]


Created nodejs18 tracking bugs for this issue:

Affects: fedora-all [bug 2209545]


Created nodejs20 tracking bugs for this issue:

Affects: fedora-all [bug 2209546]


Created nodejs:13/nodejs tracking bugs for this issue:

Affects: epel-8 [bug 2209540]


Created nodejs:16-epel/nodejs tracking bugs for this issue:

Affects: epel-8 [bug 2209541]


Created nodejs:16/c-ares tracking bugs for this issue:

Affects: fedora-all [bug 2209547]
Comment 4 errata-xmlrpc 2023-06-14 07:27:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:3577 https://access.redhat.com/errata/RHSA-2023:3577
Comment 5 errata-xmlrpc 2023-06-14 08:39:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:3586 https://access.redhat.com/errata/RHSA-2023:3586
Comment 7 errata-xmlrpc 2023-07-12 08:12:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:4036 https://access.redhat.com/errata/RHSA-2023:4036
Comment 8 errata-xmlrpc 2023-07-12 08:24:18 UTC 
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2023:4039 https://access.redhat.com/errata/RHSA-2023:4039
Comment 9 errata-xmlrpc 2023-07-12 08:25:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4035 https://access.redhat.com/errata/RHSA-2023:4035
Comment 10 errata-xmlrpc 2023-07-12 08:25:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4034 https://access.redhat.com/errata/RHSA-2023:4034
Comment 11 errata-xmlrpc 2023-07-12 08:26:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:4033 https://access.redhat.com/errata/RHSA-2023:4033
Comment 12 errata-xmlrpc 2023-11-07 08:22:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6635 https://access.redhat.com/errata/RHSA-2023:6635
Comment 13 errata-xmlrpc 2023-11-14 16:55:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:7207 https://access.redhat.com/errata/RHSA-2023:7207
Comment 14 errata-xmlrpc 2023-11-21 11:40:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:7392 https://access.redhat.com/errata/RHSA-2023:7392
Comment 15 errata-xmlrpc 2023-11-28 15:36:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2023:7543 https://access.redhat.com/errata/RHSA-2023:7543