Описание
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a malicious actor.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| .NET Core 3.1 on Red Hat Enterprise Linux | rh-dotnet31-curl | Out of support scope | ||
| Red Hat Enterprise Linux 6 | curl | Not affected | ||
| Red Hat Enterprise Linux 7 | curl | Not affected | ||
| Red Hat Software Collections | httpd24-curl | Will not fix | ||
| JBoss Core Services for RHEL 8 | jbcs-httpd24-curl | Fixed | RHSA-2022:8840 | 08.12.2022 |
| JBoss Core Services on RHEL 7 | jbcs-httpd24-curl | Fixed | RHSA-2022:8840 | 08.12.2022 |
| Red Hat Enterprise Linux 8 | curl | Fixed | RHSA-2022:6159 | 24.08.2022 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | curl | Fixed | RHSA-2023:3460 | 06.06.2023 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | curl | Fixed | RHSA-2023:3460 | 06.06.2023 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | curl | Fixed | RHSA-2023:3460 | 06.06.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
curl < 7.84.0 supports "chained" HTTP compression algorithms meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb" makingcurl end up spending enormous amounts of allocated heap memory or trying toand returning out of memory errors.
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning ...
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
EPSS
6.5 Medium
CVSS3