Description
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| curl | fixed | 8.19.0-1 | | package |
| curl | no-dsa | | trixie | package |
| curl | not-affected | | bookworm | package |
| curl | not-affected | | bullseye | package |
Notes
https://curl.se/docs/CVE-2026-3805.html
Introduced with: https://github.com/curl/curl/commit/f4831daa9b2a97e8a2921d6b62cc4dfdd0d8646e (curl-8_13_0)
Fixed by: https://github.com/curl/curl/commit/e090be9f73a7a71459ef678c7cc4b1f75e3ea883 (curl-8_19_0)
Related vulnerabilities
A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.