Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 925661 (CVE-2024-25629, GHSA-mg26-v6qh-x48q) - <net-dns/c-ares-1.27.0: Reading malformed /etc/resolv.conf, /etc/nsswitch.conf, or HOSTALIASES could cause crash
Summary: <net-dns/c-ares-1.27.0: Reading malformed /etc/resolv.conf, /etc/nsswitch.con...
Alias: CVE-2024-25629, GHSA-mg26-v6qh-x48q
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: C3 [stable?]
Depends on:
Reported: 2024-02-27 23:58 UTC by Sam James
Modified: 2024-02-28 00:15 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-02-27 23:58:12 UTC
From 1.27.0 release notes (
    Moderate. CVE-2024-25629. Reading malformatted /etc/resolv.conf,
    /etc/nsswitch.conf or the HOSTALIASES file could result in a crash.
Comment 1 Larry the Git Cow gentoo-dev 2024-02-28 00:12:39 UTC
The bug has been referenced in the following commit(s):

commit 4f6ce3e29c1b9241d9f9b8a7cf432923fa3e1480
Author:     Sam James <>
AuthorDate: 2024-02-28 00:06:13 +0000
Commit:     Sam James <>
CommitDate: 2024-02-28 00:06:13 +0000

    net-dns/c-ares: add 1.27.0
    Signed-off-by: Sam James <>

 net-dns/c-ares/Manifest             |  2 +
 net-dns/c-ares/c-ares-1.27.0.ebuild | 92 +++++++++++++++++++++++++++++++++++++
 2 files changed, 94 insertions(+)