On 12/8/25 11:42, Brad House wrote: > Moderate. > > Use after free() in read_answer() when process_answer() may terminate a > query such as after maximum attempts. This was causing the connection to > be closed, but still possibly additional answers to be processed. This > is a missed case from CVE-2025-31498. > > Use after free will lead to crash / Denial of Service. > > Patch: > https://github.com/c-ares/c-ares/commit/714bf5675c541bd1e668a8db8e67ce012651e618.patch > > Links: > https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5
Use-after-free can also lead to information leaks or code execution. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
