CVE-2023-38039

Опубликовано: 13 сент. 2023

Источник: redhat

CVSS3: 7.5

Описание

When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

A flaw was found in the Curl package. Curl allows a malicious server to stream an endless series of headers to a client due to missing limit on header quantity, eventually causing curl to run out of heap memory, which may lead to a crash.

Отчет

This issue does not affect the Curl package as shipped in Red Hat Enterprise Linux 6, 7, 8, and 9.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	curl	Not affected
Red Hat Enterprise Linux 7	curl	Not affected
Red Hat Enterprise Linux 8	curl	Not affected
Red Hat Enterprise Linux 9	curl	Not affected
JBoss Core Services for RHEL 8	jbcs-httpd24-curl	Fixed	RHSA-2023:7625	07.12.2023
JBoss Core Services on RHEL 7	jbcs-httpd24-curl	Fixed	RHSA-2023:7625	07.12.2023
Text-Only JBCS	curl	Fixed	RHSA-2023:7626	07.12.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-770

https://bugzilla.redhat.com/show_bug.cgi?id=2239135curl: out of heap memory issue due to missing limit on header quantity

7.5 High

CVSS3

Связанные уязвимости

CVE-2023-38039

CVSS3: 7.5

ubuntu

почти 2 года назад

CVE-2023-38039

CVSS3: 7.5

nvd

почти 2 года назад

CVE-2023-38039

msrc

больше 1 года назад

Hackerone: CVE-2023-38039 HTTP headers eat all memory

CVE-2023-38039

CVSS3: 7.5

debian

почти 2 года назад

When curl retrieves an HTTP response, it stores the incoming headers s ...

SUSE-SU-2023:3823-1

suse-cvrf

больше 1 года назад

Security update for curl

7.5 High

CVSS3