
CVE-2022-27781

CERTINFO never-ending busy-loop

Project curl Security Advisory, May 11 2022

VULNERABILITY

libcurl provides the CURLOPT_CERTINFO option to allow applications to request details to be returned about a TLS server's certificate chain.

Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information.

INFO

This flaw was introduced in curl 7.34.0 when libcurl added support for CURLOPT_CERTINFO using NSS.

This feature is not accessible from the command line tool.

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2022-27781 to this issue.

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

Severity: Low

AFFECTED VERSIONS

Affected: libcurl 7.34.0 (where CURLOPT_CERTINFO support for NSS was added) up to and including 7.83.0, when built with NSS. Not affected: libcurl < 7.34.0, libcurl >= 7.83.1, and builds using another TLS backend.

libcurl is used by many applications, but not always advertised as such!

SOLUTION

Fixed in libcurl 7.83.1.

RECOMMENDATIONS

A - Upgrade curl to version 7.83.1

B - Apply the patch to your local version

C - Do not use the CURLOPT_CERTINFO option
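Recommendation C only needs to apply to the builds this advisory describes. The following is an added example (not curl project code) of how an application can implement that selectively: it asks libcurl which version it is and which TLS backend it was built with, via curl_version_info(), and only sets CURLOPT_CERTINFO when the build is outside the affected range (7.34.0 up to and including 7.83.0) or does not use NSS. The decision logic is plain C so it can be tested without libcurl; the libcurl calls themselves sit behind an assumed HAVE_LIBCURL macro. The function names, the macro, and the sample version strings are the example's own constructions; detecting NSS by looking for "NSS" in the ssl_version string is a heuristic, not a documented contract.

```c
/*
 * Added example, not part of the curl project: gate CURLOPT_CERTINFO on the
 * libcurl build actually in use, so that recommendation C ("do not use the
 * CURLOPT_CERTINFO option") is applied only where CVE-2022-27781 applies.
 */
#include <stdio.h>
#include <string.h>

/* libcurl reports its version number as 0xXXYYZZ (major, minor, patch). */
#define CURL_VER(maj, min, pat) ((unsigned)(((maj) << 16) | ((min) << 8) | (pat)))

static const unsigned FIRST_AFFECTED = CURL_VER(7, 34, 0);   /* CERTINFO for NSS added */
static const unsigned FIRST_FIXED    = CURL_VER(7, 83, 1);   /* release fixing the loop */

/*
 * Returns 1 when a libcurl reporting this version_num and ssl_version string
 * is subject to the never-ending busy-loop, 0 otherwise. Only NSS builds in
 * the affected version range are flagged; other TLS backends are unaffected.
 * Assumption: the NSS backend identifies itself with "NSS" in ssl_version.
 */
int certinfo_busyloop_affected(unsigned version_num, const char *ssl_version)
{
    if (ssl_version == NULL || strstr(ssl_version, "NSS") == NULL)
        return 0;
    return version_num >= FIRST_AFFECTED && version_num < FIRST_FIXED;
}

#ifdef HAVE_LIBCURL
#include <curl/curl.h>

/* Fetch url, requesting certificate details only from a build known to be safe. */
static CURLcode fetch_with_certinfo(const char *url)
{
    curl_version_info_data *vi = curl_version_info(CURLVERSION_NOW);
    CURL *h = curl_easy_init();
    if (!h)
        return CURLE_FAILED_INIT;

    curl_easy_setopt(h, CURLOPT_URL, url);
    if (!certinfo_busyloop_affected(vi->version_num, vi->ssl_version))
        curl_easy_setopt(h, CURLOPT_CERTINFO, 1L);   /* safe on this build */
    else
        fprintf(stderr, "skipping CURLOPT_CERTINFO: %s / %s is affected by "
                        "CVE-2022-27781\n", vi->version, vi->ssl_version);

    CURLcode res = curl_easy_perform(h);
    if (res == CURLE_OK) {
        struct curl_certinfo *ci = NULL;
        if (curl_easy_getinfo(h, CURLINFO_CERTINFO, &ci) == CURLE_OK && ci) {
            for (int i = 0; i < ci->num_of_certs; i++)
                for (struct curl_slist *s = ci->certinfo[i]; s; s = s->next)
                    printf("cert %d: %s\n", i, s->data);
        }
    }
    curl_easy_cleanup(h);
    return res;
}
#endif

int main(void)
{
    /* Constructed version_info values, in the shape curl_version_info() returns. */
    struct { unsigned num; const char *ssl; } samples[] = {
        { CURL_VER(7, 33, 0), "NSS/3.44" },          /* before the option existed */
        { CURL_VER(7, 34, 0), "NSS/3.44" },          /* first affected release */
        { CURL_VER(7, 83, 0), "NSS/3.44" },          /* last affected release */
        { CURL_VER(7, 83, 1), "NSS/3.44" },          /* fixed */
        { CURL_VER(7, 83, 0), "OpenSSL/1.1.1n" },    /* other backend, unaffected */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("0x%06x %-16s affected=%d\n", samples[i].num, samples[i].ssl,
               certinfo_busyloop_affected(samples[i].num, samples[i].ssl));
    return 0;
}
```

The version check is deliberately conservative about the fix boundary: 7.83.0 is treated as affected and 7.83.1 as the first safe release, matching the "Upgrade to 7.83.1" recommendation above. Because the flaw is a busy-loop rather than a crash, an application that cannot upgrade and cannot drop CERTINFO should still bound the transfer with CURLOPT_TIMEOUT so a malicious server cannot pin a worker thread indefinitely.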

TIMELINE

This issue was reported to the curl project on April 30, 2022. We contacted distros@openwall on May 5.

libcurl 7.83.1 was released on May 11 2022, coordinated with the publication of this advisory.

CREDITS

Thanks a lot!

