oss-sec mailing list archives

Re: CVE-2025-62408: c-ares 1.32.3-1.34.5 use after free()

From: Demi Marie Obenour <demiobenour () gmail com>
Date: Mon, 8 Dec 2025 12:23:37 -0500

On 12/8/25 11:42, Brad House wrote:

Moderate.

Use after free() in read_answer() when process_answer() may terminate a 
query such as after maximum attempts. This was causing the connection to 
be closed, but still possibly additional answers to be processed. This 
is a missed case from CVE-2025-31498.

Use after free will lead to crash / Denial of Service.

Patch: 
https://github.com/c-ares/c-ares/commit/714bf5675c541bd1e668a8db8e67ce012651e618.patch

Links: 
https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5


Use-after-free can also lead to information leaks or code execution.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)

Attachment: OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Current thread:

CVE-2025-62408: c-ares 1.32.3-1.34.5 use after free() Brad House (Dec 08)
- Re: CVE-2025-62408: c-ares 1.32.3-1.34.5 use after free() Demi Marie Obenour (Dec 08)