Headline
CVE-2023-38039
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API.
However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.
Related news
Apple Security Advisory 01-22-2024-7 - macOS Monterey 12.7.3 addresses code execution vulnerabilities.
Apple Security Advisory 01-22-2024-6 - macOS Ventura 13.6.4 addresses bypass and code execution vulnerabilities.
Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.
Red Hat Security Advisory 2023-7626-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 is now available. Issues addressed include buffer overflow, denial of service, information leakage, and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-7625-03 - An update is now available for Red Hat JBoss Core Services. Issues addressed include buffer overflow, denial of service, and information leakage vulnerabilities.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Gentoo Linux Security Advisory 202310-12 - Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. Versions greater than or equal to 8.3.0-r2 are affected.
Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.