Headline

CVE-2021-22897: curl - schannel cipher selection surprise

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single “static” variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.

3 years ago

CVE

Open in Source

#vulnerability #windows #microsoft

Project curl Security Advisory, May 26th 2021 - Permalink

VULNERABILITY

libcurl lets applictions specify which specific TLS ciphers to use in transfers, using the option called CURLOPT_SSL_CIPHER_LIST. The cipher selection is used for the TLS negotation when a transfer is done involving any of the TLS based transfer protocols libcurl supports, such as HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

Due to a mistake in the code, the selected cipher set was stored in a single “static” variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.

We are not aware of any exploit of this flaw.

INFO

This flaw has existed in libcurl since commit 9aefbff30d280c60fc in libcurl 7.61.0, released on July 11, 2018.

It can only trigger when Schannel is used, which is the native TLS library in Microsoft Windows.

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2021-22897 to this issue.

CWE-488: Exposure of Data Element to Wrong Session

Severity: Low

AFFECTED VERSIONS

This issue only exists when libcurl is built to use Schannel.