CVE-2023-31147: Insufficient randomness for DNS query identifiers in c-ares
We've been part of a team that audited c-ares. This is a writeup of how we discovered that DNS query identifiers generated by c-ares are not always properly random which lead to CVE-2023-31147.
