The developers of the curl open-source tool and library have released patches for two vulnerabilities in the widely used command-line program. One of the flaws is rated high severity and could be exploited by rogue servers to execute malicious code on systems that access them with curl, under certain conditions.
Curl, which is short for "client for URL," is a cross-platform, portable command-line tool designed to transfer data or files to and from URLs. Dating back 27 years, it supports many internet communication protocols and technologies, including DICT, FTP, FTPS, Gopher, HTTP 1/2/3, HTTP proxy tunneling, HTTPS, IMAP, Kerberos, LDAP, MQTT, POP3, RTSP, RTMP, SCP, SMTP, and SMB. Alongside the command-line tool, the project also provides a library, libcurl, that many other applications integrate to get the same functionality.
Daniel Stenberg, the maintainer of curl, announced last week that an important security patch would be released on October 11 to fix "probably the worst curl security flaw in a long time." The flaw, tracked as CVE-2023-38545, is a heap buffer overflow that affects curl versions 7.69.0 through 8.3.0; it was patched in version 8.4.0, released Wednesday.
The second flaw, CVE-2023-38546, affects only libcurl and allows arbitrary cookies to be injected into a program that uses the library. It is considered low severity.
The curl vulnerability resides in SOCKS5 proxy handling
A buffer overflow is a type of security vulnerability that occurs when a program writes data into an allocated memory buffer in a way that exceeds the buffer's size, so the data spills into adjacent memory regions and overwrites whatever is stored there. At a minimum, buffer overflows can cause application crashes (denial of service), but in many cases controlled exploitation can lead to arbitrary code execution.
That is also the case with CVE-2023-38545. While proof-of-concept exploits have so far only demonstrated denial of service, researchers believe it is only a matter of time until code execution is achieved. The good news is that only certain configurations of the tool are vulnerable, and they are not the default ones: the affected code path is the SOCKS5 handshake when curl is asked to let the proxy resolve the destination hostname (the --socks5-hostname option or a socks5h:// proxy URL), which is not enabled unless a user or application chooses it. Running curl --version shows the installed version, which is the quickest way to tell whether a host falls in the 7.69.0 to 8.3.0 range and needs the update.
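To make the class of bug concrete, the following is an added illustration written for this article, not code from curl or its maintainers. A SOCKS5 CONNECT request carries the destination hostname as a one-byte length followed by the name itself (RFC 1928), so the protocol cannot encode a hostname longer than 255 bytes. If a heap buffer is sized for that maximum but the code copies whatever length the caller supplied, a hostname over 255 bytes writes past the end of the buffer; the hardened version rejects such names before touching the buffer. Function names, the buffer layout, and the constructed hostnames are all assumptions made for the example.

```c
/* Added example, not curl's code: a SOCKS5 CONNECT request with a domain-name
 * destination (ATYP 0x03) encodes the hostname as one length byte plus the
 * name, so it can never legitimately exceed 255 bytes (RFC 1928). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

#define SOCKS5_MAX_HOSTLEN 255
/* VER, CMD, RSV, ATYP, LEN, name[255], DST.PORT (2 bytes) */
#define SOCKS5_REQ_MAX (4 + 1 + SOCKS5_MAX_HOSTLEN + 2)

/* Vulnerable pattern: trusts strlen(host) and copies it whole. The length
 * byte is silently truncated to 8 bits while memcpy writes past a buffer
 * that was sized for SOCKS5_REQ_MAX bytes. Never call this with n > 255. */
size_t build_socks5_connect_unsafe(uint8_t *buf, const char *host, uint16_t port)
{
    size_t n = strlen(host);
    buf[0] = 0x05;                  /* VER  */
    buf[1] = 0x01;                  /* CMD  CONNECT */
    buf[2] = 0x00;                  /* RSV  */
    buf[3] = 0x03;                  /* ATYP DOMAINNAME */
    buf[4] = (uint8_t)n;            /* truncated if n > 255 */
    memcpy(buf + 5, host, n);       /* heap overflow if n > 255 */
    buf[5 + n] = (uint8_t)(port >> 8);
    buf[6 + n] = (uint8_t)(port & 0xff);
    return 7 + n;
}

/* Hardened pattern: reject anything the protocol cannot encode, and check the
 * destination buffer size, before writing a single byte. Returns 0 on success
 * and -1 on rejection; *out_len receives the request length. */
int build_socks5_connect_safe(uint8_t *buf, size_t buflen, const char *host,
                              uint16_t port, size_t *out_len)
{
    size_t n = strlen(host);
    if (n == 0 || n > SOCKS5_MAX_HOSTLEN)
        return -1;                  /* not representable in one length byte */
    if (buflen < 7 + n)
        return -1;                  /* caller's buffer is too small */
    buf[0] = 0x05;
    buf[1] = 0x01;
    buf[2] = 0x00;
    buf[3] = 0x03;
    buf[4] = (uint8_t)n;
    memcpy(buf + 5, host, n);
    buf[5 + n] = (uint8_t)(port >> 8);
    buf[6 + n] = (uint8_t)(port & 0xff);
    *out_len = 7 + n;
    return 0;
}

/* Demo helper: build a constructed hostname of hostlen 'a' characters, run
 * the safe builder into a heap buffer of exactly SOCKS5_REQ_MAX bytes, and
 * return the encoded request length, or -1 if the hostname was rejected. */
long demo_safe_len(size_t hostlen)
{
    char *host = malloc(hostlen + 1);
    uint8_t *buf = malloc(SOCKS5_REQ_MAX);
    size_t out = 0;
    long result;
    if (!host || !buf) { free(host); free(buf); return -1; }
    memset(host, 'a', hostlen);
    host[hostlen] = '\0';
    result = build_socks5_connect_safe(buf, SOCKS5_REQ_MAX, host, 443, &out) == 0
                 ? (long)out : -1;
    free(host);
    free(buf);
    return result;
}

int main(void)
{
    uint8_t *buf = malloc(SOCKS5_REQ_MAX);
    size_t n = build_socks5_connect_unsafe(buf, "example.com", 443);
    printf("unsafe builder, 11-byte host: %zu-byte request (fine)\n", n);
    printf("safe builder, 255-byte host: %ld bytes\n", demo_safe_len(255));
    printf("safe builder, 300-byte host: %ld (rejected)\n", demo_safe_len(300));
    /* build_socks5_connect_unsafe(buf, <300-byte host>, 443) would write
     * about 45 bytes past the end of buf: the heap overflow in miniature. */
    free(buf);
    return 0;
}
```

The point of the comparison is where the check sits: the safe builder validates the hostname against the limit the protocol itself imposes, and against the real buffer size, before any copy happens, so an oversized name becomes an error rather than a memory write past the allocation.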