Red Hat: CVE-2022-4904: buffer overflow in config_sortlist() due to missing string length check (Multiple Advisories)

发布于3月6日3月6日

Members

Red Hat: CVE-2022-4904: buffer overflow in config_sortlist() due to missing string length check (Multiple Advisories)

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:C)

Published

03/06/2023

Created

04/04/2023

Added

04/03/2023

Modified

01/28/2025

Description

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.

Solution(s)

redhat-upgrade-c-ares
redhat-upgrade-c-ares-debuginfo
redhat-upgrade-c-ares-debugsource
redhat-upgrade-c-ares-devel
redhat-upgrade-nodejs
redhat-upgrade-nodejs-debuginfo
redhat-upgrade-nodejs-debugsource
redhat-upgrade-nodejs-devel
redhat-upgrade-nodejs-docs
redhat-upgrade-nodejs-full-i18n
redhat-upgrade-nodejs-libs
redhat-upgrade-nodejs-libs-debuginfo
redhat-upgrade-nodejs-nodemon
redhat-upgrade-nodejs-packaging
redhat-upgrade-nodejs-packaging-bundler
redhat-upgrade-npm

References

CVE-2022-4904
RHSA-2023:1533
RHSA-2023:1582
RHSA-2023:1742
RHSA-2023:1743
RHSA-2023:2654
RHSA-2023:2655
RHSA-2023:4035
RHSA-2023:5533
RHSA-2023:6291
RHSA-2023:6635
RHSA-2023:7116
RHSA-2023:7368
RHSA-2023:7543

查看数 710
已创建 3月6日3月6日
最后回复 3月6日3月6日

https://www.ishack.org/topic/9327.html/

粉丝

转到主题列表

登录

Red Hat: CVE-2022-4904: buffer overflow in config_sortlist() due to missing string length check (Multiple Advisories)

recommended_posts

Red Hat: CVE-2022-4904: buffer overflow in config_sortlist() due to missing string length check (Multiple Advisories)

Description

Solution(s)

References

欢迎来到红帽社区

社区动态

红龙逆向工具箱2025最新版(ISHACK改良版)

修改底部版权信息

ips4.7升级到5.x版本问题。

IPS Invision Community 经常自动退出登录解决

网站程序安装中文语言包时没有中文选项？Debian中文包

帐户

导航

搜索