Описание
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 8.18.0-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| questing | released | 8.14.1-2ubuntu1.2 |
| upstream | released | 8.19.0 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in curl. When handling a second Server Message Block (SMB) request to the same host, curl incorrectly accesses memory that has already been freed. This memory corruption vulnerability, known as a use-after-free, could allow a remote attacker to potentially execute arbitrary code or cause a denial of service.
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.
When doing a second SMB request to the same host again, curl would wro ...
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.
EPSS
7.5 High
CVSS3