RHSA-2023:2478: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-35252: A vulnerability was found in curl. When curl is used to retrieve and parse cookies from an HTTP(S) server, it accepts cookies containing control codes (byte values below 32); when such cookies are later sent back to an HTTP(S) server, the server may answer with a 400 response. This effectively allows a "sister site" (one able to set cookies for a shared parent domain) to deny service to all sibling sites.
  • CVE-2022-43552: A vulnerability was found in curl. curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy, and the proxy may deny such tunnel operations with an appropriate HTTP error response code. When a tunnel for the SMB or TELNET protocol is denied, curl uses a heap-allocated struct after it has been freed, in its transfer shutdown code path.
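The cookie flaw above (CVE-2022-35252) comes down to one parser decision: whether a Set-Cookie value that carries a control octet is stored at all. The Python block below is an added example, not curl's code and not Red Hat's: it implements a minimal Set-Cookie parser with the control-octet rejection the upstream fix introduced, keeps the pre-fix behaviour selectable for comparison, and models a strict origin server that answers 400 to a Cookie header containing such an octet. The sample headers and the strict-server model are constructed for this example, and the exact rejected set (0x01-0x1f except TAB, plus DEL) is an assumption about the upstream fix, not something the advisory states.

```python
"""Cookie control-octet filter modelled on the CVE-2022-35252 fix.

Added example, not curl's or Red Hat's code.  A "sister site" on a shared
parent domain sets a cookie whose value contains a control octet; a client
that stores it will send it back to every sibling host, and a strict server
rejects the whole request with 400.
"""

# Octets the fixed parser refuses in a cookie name or value: 0x01-0x1f except
# TAB (0x09), plus DEL (0x7f).  Assumed to match the upstream fix.
BAD_OCTETS = frozenset(range(0x01, 0x09)) | frozenset(range(0x0a, 0x20)) | {0x7f}


def has_control_octets(data: bytes) -> bool:
    """True when any byte of data is in the rejected control-octet set."""
    return any(b in BAD_OCTETS for b in data)


def parse_set_cookie(header: bytes, strict: bool = True):
    """Parse a Set-Cookie header value into (name, value, attributes).

    Returns None when the cookie is rejected.  strict=False reproduces the
    pre-fix behaviour and keeps control octets; strict=True rejects them.
    """
    parts = [p.strip() for p in header.split(b";")]
    if b"=" not in parts[0]:
        return None
    name, value = (x.strip() for x in parts[0].split(b"=", 1))
    if not name:
        return None
    if strict and (has_control_octets(name) or has_control_octets(value)):
        return None
    attrs = {}
    for p in parts[1:]:
        key, _, val = p.partition(b"=")
        attrs[key.strip().lower()] = val.strip()
    return name, value, attrs


def cookie_header(cookies) -> bytes:
    """Build the Cookie request header line from (name, value) pairs."""
    return b"Cookie: " + b"; ".join(n + b"=" + v for n, v in cookies)


def strict_server_status(request_header: bytes) -> int:
    """Model of a server that answers 400 to a header with control octets."""
    return 400 if has_control_octets(request_header) else 200


def simulate(set_cookie_headers, strict: bool):
    """Store cookies as the client would, then return the status a strict
    server gives the resulting request together with the stored jar.

    Domain matching is omitted: every stored cookie is assumed to apply to
    the sibling host being requested, which is the CVE's scenario.
    """
    jar = []
    for header in set_cookie_headers:
        parsed = parse_set_cookie(header, strict=strict)
        if parsed is not None:
            jar.append(parsed[:2])
    return strict_server_status(cookie_header(jar)), jar


# Constructed sample: a legitimate session cookie, and one set by a sister
# site for the shared parent domain with a 0x01 byte in its value.
SAMPLE_HEADERS = [
    b"sid=abc123; Path=/; Secure; HttpOnly",
    b"evil=x\x01y; Domain=example.com; Path=/",
]

if __name__ == "__main__":
    for label, strict in (("pre-fix client", False), ("fixed client", True)):
        status, jar = simulate(SAMPLE_HEADERS, strict)
        print(f"{label}: server status {status}, jar {jar}")
```

Run as a script it shows the pre-fix client producing a request the strict server refuses, and the fixed client dropping the hostile cookie so the legitimate session cookie keeps working.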
Red Hat Security Data

Issued: 2023-05-09

Updated: 2023-05-09

RHSA-2023:2478 - Security Advisory

Synopsis

Low: curl security update

Type/Severity

Security Advisory: Low

Description

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Security Fix(es):

  • curl: Incorrect handling of control code characters in cookies (CVE-2022-35252)
  • curl: Use-after-free triggered by an HTTP proxy deny response (CVE-2022-43552)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2120718 - CVE-2022-35252 curl: Incorrect handling of control code characters in cookies
  • BZ - 2152652 - CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response

References

  • https://access.redhat.com/security/updates/classification/#low
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

  • curl-7.76.1-23.el9.src.rpm  SHA-256: bb0b3247340f2ed6339cebb71f359b69b375fdb68ae474ff08fe41790832307d

x86_64

  • curl-7.76.1-23.el9.x86_64.rpm  SHA-256: 9da8e6a651b007ba167c720be5153c1e8164962394ae8ac006fa9c28e97b6141
  • curl-debuginfo-7.76.1-23.el9.i686.rpm  SHA-256: bbb01f788c6daf4b3c0c8c12342650ed2dc57d2a30b4b5139115d8442d77993a
  • curl-debuginfo-7.76.1-23.el9.x86_64.rpm  SHA-256: a30dc2464fcb9ba6e96067549c2b39cd8e1bf4a68603ebddf3df3ae5caeee695
  • curl-debugsource-7.76.1-23.el9.i686.rpm  SHA-256: 71e15a31df730cbfffd650b1bb81576be312cc22daef6961eb36397e0c41ba68
  • curl-debugsource-7.76.1-23.el9.x86_64.rpm  SHA-256: b028f03b56f6cb283646f94048007ff483b2f777233424fa29aef8d467ef7dfd
  • curl-minimal-7.76.1-23.el9.x86_64.rpm  SHA-256: 9bba1324ef9f0def6fbab6339d8074f460f7deb9fd220f15cc25014f4245e576
  • curl-minimal-debuginfo-7.76.1-23.el9.i686.rpm  SHA-256: 94df686099dab1daf17d543013fdca8e72d25435a6ed1f2f575823b8ba03bfd7
  • curl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm  SHA-256: cee98b0b9a138f549332d27296a7704ecc7e71b2fa056ed0a5d6569ff70a3090
  • libcurl-7.76.1-23.el9.i686.rpm  SHA-256: 2ff9978def90084beca43441a33692cf8ad17873fbc4a8bbbc6327206bc081ba
  • libcurl-7.76.1-23.el9.x86_64.rpm  SHA-256: a4e18f8f927597ad4be37a9b018b8268e70f48cf2373cb4c97288832b3aaffe2
  • libcurl-debuginfo-7.76.1-23.el9.i686.rpm  SHA-256: 22c76e89e649c0be6a9798617b75604e87c40e22b9fafa286d680949b1725412
  • libcurl-debuginfo-7.76.1-23.el9.x86_64.rpm  SHA-256: d8536a547eb14b0995f5f3269532eaea5a02a180269ac7229d804018d83b8200
  • libcurl-devel-7.76.1-23.el9.i686.rpm  SHA-256: 5daf78abeb51908ee69fec5dc6b32fc3595cf393056cf5a7423d0afc34475f40
  • libcurl-devel-7.76.1-23.el9.x86_64.rpm  SHA-256: 6cf09017d1125fc9e941978f88988023d1a9431956daf054cb7a05ec4317eb18
  • libcurl-minimal-7.76.1-23.el9.i686.rpm  SHA-256: afd6bfc9e091574a2098984a42b8b2c31938585f84114dbcf22a351f16dc06e2
  • libcurl-minimal-7.76.1-23.el9.x86_64.rpm  SHA-256: 6b59788253e98b4ca3a63e694c3179564027c1b6a4c22d14f6aac902723c5dd1
  • libcurl-minimal-debuginfo-7.76.1-23.el9.i686.rpm  SHA-256: a943dc4f54d515a4747ed10288def94dd2ec70224e1b80b162299e275ddfae32
  • libcurl-minimal-debuginfo-7.76.1-23.el9.x86_64.rpm  SHA-256: 86467c7e42b22910a69fe0df2c04c8c72fc9a94d39af018df60fad76a16be3b9

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

  • curl-7.76.1-23.el9.src.rpm  SHA-256: bb0b3247340f2ed6339cebb71f359b69b375fdb68ae474ff08fe41790832307d

s390x

  • curl-7.76.1-23.el9.s390x.rpm  SHA-256: 634cbe9980998e81153f0a16d11bcdda9e2cd233c37da97c6f26181f8db069c0
  • curl-debuginfo-7.76.1-23.el9.s390x.rpm  SHA-256: 54ec473d0c416752185c753e2c3514ed7ee4e32b9783f1dc39b7c63a6b9d90d0
  • curl-debugsource-7.76.1-23.el9.s390x.rpm  SHA-256: 56626d1b796e00c4df75ed3e27cde6f223bbc02d515f0792dc0dd74b60c862dc
  • curl-minimal-7.76.1-23.el9.s390x.rpm  SHA-256: 4e6d482ecc3ee2caf0911bcc706cfbdd8b44fc45fdd2856038c1810a7430c031
  • curl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm  SHA-256: 25d45a0991f0a5cf2b0d2019bfd4ae596355fae126873306df250a6681faad5e
  • libcurl-7.76.1-23.el9.s390x.rpm  SHA-256: 3f1e62682b07d7cd2363bc22111ca7802a3c97d70bce027769c1c520a119a90d
  • libcurl-debuginfo-7.76.1-23.el9.s390x.rpm  SHA-256: aaf1594e71754fc28054628c8bd9e3946f8cbfc7b7fc6eb27882de355a52feb8
  • libcurl-devel-7.76.1-23.el9.s390x.rpm  SHA-256: 3907d385801f476a42ba35177ebf7d8d3c5a04ba0d128e1ed90ec722ee93d7df
  • libcurl-minimal-7.76.1-23.el9.s390x.rpm  SHA-256: 68ff1c06b72270f30edd4d5340249bda6e8e86fb1500759852536d60c16d094b
  • libcurl-minimal-debuginfo-7.76.1-23.el9.s390x.rpm  SHA-256: 7d982fa737f8e8520e61d80f107991bd72d9d9dad13784bf275633312d1e59ff

Red Hat Enterprise Linux for Power, little endian 9

SRPM

  • curl-7.76.1-23.el9.src.rpm  SHA-256: bb0b3247340f2ed6339cebb71f359b69b375fdb68ae474ff08fe41790832307d

ppc64le

  • curl-7.76.1-23.el9.ppc64le.rpm  SHA-256: 5e93e9651d942d7e5e345f0960f8818e5f9b8985f838c20805a0da67e5344310
  • curl-debuginfo-7.76.1-23.el9.ppc64le.rpm  SHA-256: 72223ebff8addb7e98a675b64e2428fde1b9655fe9daae2dab1d736f3df73d68
  • curl-debugsource-7.76.1-23.el9.ppc64le.rpm  SHA-256: 79fc5009b1ff4c5cf2c68f9612789ba3dcf9c229d71863f9de294780ce8066c4
  • curl-minimal-7.76.1-23.el9.ppc64le.rpm  SHA-256: 80f561b8562de4196a458961949f178d62361bd707feb58c8265d5a8886c4dab
  • curl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm  SHA-256: 0bcb16fb5821bb40561e793dc78a4e6c067990b55109f57b1ec9158182aba996
  • libcurl-7.76.1-23.el9.ppc64le.rpm  SHA-256: 7d5b8aa518702762be2bf736d3443ae889058f9cd14b7c365fde7c0333e89630
  • libcurl-debuginfo-7.76.1-23.el9.ppc64le.rpm  SHA-256: aa970d8e6b163f86bb6b4570f5028d60d29c4b9a488e0ad8dd0569cb15d0029e
  • libcurl-devel-7.76.1-23.el9.ppc64le.rpm  SHA-256: 62c38f0f6a0ddb5acbb5db45076c642c56267ab212c8c203e5f0ac605ae0896d
  • libcurl-minimal-7.76.1-23.el9.ppc64le.rpm  SHA-256: 48e05584a0c432833dfbf9478b61f943955a4e8b0db359f177eb35278c3aee0b
  • libcurl-minimal-debuginfo-7.76.1-23.el9.ppc64le.rpm  SHA-256: 53272f5c983f58ec377146a2f6d253eccf50697378d476e060795c62deda0e19

Red Hat Enterprise Linux for ARM 64 9

SRPM

  • curl-7.76.1-23.el9.src.rpm  SHA-256: bb0b3247340f2ed6339cebb71f359b69b375fdb68ae474ff08fe41790832307d

aarch64

  • curl-7.76.1-23.el9.aarch64.rpm  SHA-256: 5a38014adecf38a2369e734c34ba7ff125f969ee3c7f894086efa78cc3213772
  • curl-debuginfo-7.76.1-23.el9.aarch64.rpm  SHA-256: e35aae19ae7380655a6dca06405d81494f83a35e392a72184b1b5be873df587d
  • curl-debugsource-7.76.1-23.el9.aarch64.rpm  SHA-256: 9abd4e47a4818f02971fd7821a68d9b394ff392493da8c6a022b560623f8f320
  • curl-minimal-7.76.1-23.el9.aarch64.rpm  SHA-256: 46fde6d437953f7686774f0e81f1a79b66de9aa1d4648c8fd8ef6128b5b94548
  • curl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm  SHA-256: 89ed00d4b80a3c3dd12af6db53505883fda33a1314c491a3f5704659ef472ae6
  • libcurl-7.76.1-23.el9.aarch64.rpm  SHA-256: c151e49615faeabd796c080ce529f73ecf3405d2294f0dc2311bddae57571fd7
  • libcurl-debuginfo-7.76.1-23.el9.aarch64.rpm  SHA-256: 291ac0557e0652c28a12fbe8482537d6bd6eb77e251fa63ba10aa76a4591317f
  • libcurl-devel-7.76.1-23.el9.aarch64.rpm  SHA-256: ef292d8cbdc2ad913ee9a311baad2a63e55a88a587b6ecfafb2257611cebfdbb
  • libcurl-minimal-7.76.1-23.el9.aarch64.rpm  SHA-256: bee5e1559ee222b731348415d23b21f8eb4abe65f97484dd6be59952d635a92f
  • libcurl-minimal-debuginfo-7.76.1-23.el9.aarch64.rpm  SHA-256: f81cac9d2b1d0b87a51f7f28b6d832ddcd679f6771127f267df0528a711cb5e0
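The fixed NVR in the package lists above (curl-7.76.1-23.el9) is only useful if it can be compared against what a host actually runs, and a plain string comparison gets release strings such as 19.el9_0.1 versus 23.el9 wrong. The Python block below is an added example, not Red Hat tooling: it ports rpm's rpmvercmp() so that epoch, version and release compare the way rpm and dnf compare them, reads the output of an rpm query (a constructed sample is embedded; pass --live to query the local host), and lists which of the advisory's binary packages are still below the fixed NVR. The package set, the query format and the sample output are assumptions of this example.

```python
"""Check whether a RHEL 9 host's curl packages are at or above the NVR shipped
in RHSA-2023:2478 (curl-7.76.1-23.el9).

Added example, not Red Hat tooling.  rpmvercmp() below is a port of rpm's
segment-wise version comparison so that release strings compare as rpm and
dnf compare them.
"""
import subprocess
import sys

# Fixed (epoch, version, release) taken from the advisory's package list.
FIXED_EVR = (0, "7.76.1", "23.el9")
# Binary packages the advisory ships from that source RPM (assumed set).
ADVISORY_PACKAGES = {"curl", "curl-minimal", "libcurl", "libcurl-minimal", "libcurl-devel"}
# Query format for reading installed packages; %{EPOCH} prints "(none)" when unset.
QUERY_FORMAT = "%{NAME}|%{EPOCH}|%{VERSION}|%{RELEASE}|%{ARCH}\n"


def rpmvercmp(a: str, b: str) -> int:
    """Port of rpm's rpmvercmp(): -1, 0 or 1 for a < b, a == b, a > b."""
    if a == b:
        return 0
    i = j = 0
    la, lb = len(a), len(b)
    while i < la or j < lb:
        # Skip separators: anything that is not alphanumeric, '~' or '^'.
        while i < la and not a[i].isalnum() and a[i] not in "~^":
            i += 1
        while j < lb and not b[j].isalnum() and b[j] not in "~^":
            j += 1
        ca = a[i] if i < la else ""
        cb = b[j] if j < lb else ""
        if ca == "~" or cb == "~":          # '~' sorts before everything, even end of string
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "^" or cb == "^":          # '^' sorts after end of string, before anything else
            if not ca:
                return -1
            if not cb:
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if not (ca and cb):                 # one side ran out of segments
            break
        isnum = ca.isdigit()
        same_kind = str.isdigit if isnum else str.isalpha
        si = i
        while si < la and same_kind(a[si]):
            si += 1
        sj = j
        while sj < lb and same_kind(b[sj]):
            sj += 1
        seg_a, seg_b = a[i:si], b[j:sj]
        if not seg_b:                       # numeric segment beats alpha at the same position
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):    # more digits wins (no int overflow)
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
        i, j = si, sj
    if i >= la and j >= lb:
        return 0
    return -1 if i >= la else 1


def evr_cmp(x, y) -> int:
    """Compare two (epoch, version, release) tuples the way rpm orders them."""
    if x[0] != y[0]:
        return 1 if x[0] > y[0] else -1
    rc = rpmvercmp(x[1], y[1])
    return rc if rc else rpmvercmp(x[2], y[2])


def parse_query(output: str):
    """Yield (name, (epoch, version, release), arch) from rpm query output."""
    for line in output.splitlines():
        if not line.strip():
            continue
        name, epoch, version, release, arch = line.split("|")
        yield name, (0 if epoch == "(none)" else int(epoch), version, release), arch


def unpatched(output: str):
    """Return installed advisory packages (as NVRA) still below the fixed NVR."""
    return sorted(
        f"{name}-{evr[1]}-{evr[2]}.{arch}"
        for name, evr, arch in parse_query(output)
        if name in ADVISORY_PACKAGES and evr_cmp(evr, FIXED_EVR) < 0
    )


def query_installed() -> str:
    """Query the local rpm database (only used with --live)."""
    return subprocess.run(
        ["rpm", "-qa", "--qf", QUERY_FORMAT, "curl*", "libcurl*"],
        check=True, capture_output=True, text=True,
    ).stdout


# Constructed sample outputs, not captured from real hosts.
SAMPLE_STALE = """\
curl|(none)|7.76.1|19.el9_0.1|x86_64
libcurl|(none)|7.76.1|19.el9_0.1|x86_64
libcurl|(none)|7.76.1|19.el9_0.1|i686
"""
SAMPLE_FIXED = """\
curl|(none)|7.76.1|23.el9|x86_64
libcurl|(none)|7.76.1|23.el9|x86_64
libcurl-devel|(none)|7.76.1|23.el9|x86_64
"""

if __name__ == "__main__":
    out = query_installed() if "--live" in sys.argv else SAMPLE_STALE
    for pkg in unpatched(out) or ["all advisory packages are at or above curl-7.76.1-23.el9"]:
        print(pkg)
```

A later z-stream build (for example a release of 23.el9_1) compares as newer than 23.el9 and is therefore reported as fixed, which is the behaviour you want when the host has moved past this advisory.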

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Gentoo Linux Security Advisory 202310-12

Gentoo Linux Security Advisory 202310-12 - Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. Versions less than 8.3.0-r2 are affected.

Red Hat Security Advisory 2023-4576-01

Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.

Red Hat Security Advisory 2023-4488-01

Red Hat Security Advisory 2023-4488-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.

RHSA-2023:3354: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the Open...

RHSA-2023:3355: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficien...

Red Hat Security Advisory 2023-3326-01

Red Hat Security Advisory 2023-3326-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.6 images. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

Red Hat Security Advisory 2023-2963-01

Red Hat Security Advisory 2023-2963-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include file download and use-after-free vulnerabilities.

RHSA-2023:2963: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-35252: A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTP(S) server, where it accepts cookies using control codes (byte values below 32), and also when cookies that contain such control codes are later sent back to an HTTP(S) server, possibly causing the server to return a 400 response. This is...

CVE-2023-28190: About the security content of macOS Ventura 13.3

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data

CVE-2023-1731: Meinberg Security Advisory: [MBGSA-2023.02] LANTIME-Firmware V7.06.013

In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.

Microsoft Zero-Day Bugs Allow Security Feature Bypass

Security vendors urge organizations to fix the actively exploited bugs, in Microsoft Outlook and the Mark of the Web feature, immediately.

CVE-2023-22436: en/security-disclosure/2023/2023-02.md · OpenHarmony/security - Gitee.com

The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.

CVE-2022-43552

A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.

Debian Security Advisory 5330-1

Debian Linux Security Advisory 5330-1 - Two vulnerabilities were discovered in Curl, an easy-to-use client-side URL transfer library, which could result in denial of service or information disclosure.

Apple Security Advisory 2023-01-23-6

Apple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.

Apple Security Advisory 2023-01-23-5

Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.

Ubuntu Security Notice USN-5788-1

Ubuntu Security Notice 5788-1 - Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Gentoo Linux Security Advisory 202212-01

Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.

Red Hat Security Advisory 2022-8840-01

Red Hat Security Advisory 2022-8840-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer overflow, bypass, code execution, denial of service, double free, and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-8841-01

Red Hat Security Advisory 2022-8841-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include buffer over-read, buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, and use-after-free vulnerabilities.

RHSA-2022:8841: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1292: openssl: c_rehash script allows command injection * CVE-2022-2068: openssl: the c_rehash script allows command injection * CVE-2022-22721: httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody * CVE-2022-23943: httpd: mod_sed: Read/write beyond bounds * CVE-2022-26377: httpd: mod_proxy_ajp: Possible request smuggling * CVE-2...

RHSA-2022:8840: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1292: openssl: c_rehash script allows command injection * CVE-2022-2068: openssl: the c_rehash script allows command injection * CVE-2022-22721: httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody * CVE-2022-23943: httpd: mod_sed: Read/write beyond bounds * CVE-2022-26377: httpd: mod_proxy_ajp: Possible request smuggling * CVE-20...

CVE-2022-41686: en/security-disclosure/2022/2022-10.md · OpenHarmony/security - Gitee.com

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.

CVE-2022-35252

When curl is used to retrieve and parse cookies from a HTTP(S) server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings.

Ubuntu Security Notice USN-5587-1

Ubuntu Security Notice 5587-1 - Axel Chong discovered that when curl accepted and sent back cookies containing control bytes that a HTTP server might return a 400 response. A malicious cookie host could possibly use this to cause denial-of-service.