Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-38545HistoryOct 18, 2023 - 4:15 a.m.
CVE-2023-38545
2023-10-1804:15:11
Debian Security Bug Tracker
security-tracker.debian.org
40
security vulnerability
buffer overflow
socks5 proxy
host name resolution
heap based buffer
url
unix
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.003
Percentile
68.0%
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means “let the host resolve the name” could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | curl | < 7.88.1-10+deb12u4 | curl_7.88.1-10+deb12u4_all.deb |
| Debian | 11 | all | curl | < 7.74.0-1.3+deb11u10 | curl_7.74.0-1.3+deb11u10_all.deb |
| Debian | 999 | all | curl | < 8.3.0-3 | curl_8.3.0-3_all.deb |
| Debian | 13 | all | curl | < 8.3.0-3 | curl_8.3.0-3_all.deb |
Related
openvas
openvas
QNAP QuTS hero curl Vulnerability (QSA-24-27)
2024-09-10 00:00:00
QNAP QTS curl Vulnerability (QSA-24-27)
2024-09-10 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1055)
2024-01-09 00:00:00
nessus
nessus
CentOS 9 : curl-7.76.1-28.el9
2024-02-29 00:00:00
RHEL 6 / 7 / 8 / 9 : Satellite Client Async Security Update (Important) (RHSA-2024:2011)
2024-04-24 00:00:00
libcurl 7.69 < 8.4.0 Heap Buffer Overflow
2023-10-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-38545 affecting package curl for versions less than 8.3.0-2
2023-10-12 19:11:35
CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10
2023-10-21 15:00:39
CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10
2024-03-19 17:21:46
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Haxx Libcurl
2024-03-28 06:05:37
Exploit for Out-of-bounds Write in Haxx Libcurl
2024-03-19 13:45:09
Exploit for Out-of-bounds Write in Haxx Libcurl
2023-10-16 15:55:32
wizblog
wizblog
prion
prion
Heap overflow
2023-10-18 04:15:00
osv
osv
CVE-2023-38545
2023-10-18 04:15:11
cmake-3.27.8-1.1 on GA media
2024-06-15 00:00:00
CGA-h26h-2qmg-crpw
2024-06-06 12:27:34
mscve
mscve
Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow
2023-10-19 07:00:00
ibm
ibm
hackerone
hackerone
curl: CVE-2023-38545: socks5 heap buffer overflow
2023-09-30 08:26:30
ubuntucve
ubuntucve
CVE-2023-38545
2023-10-11 00:00:00
cnvd
cnvd
cURL SOCKS5 Heap Overflow Vulnerability
2023-10-11 00:00:00
f5
f5
K000137257 : cURL vulnerabilities CVE-2023-38545
2023-10-17 00:00:00
broadcom
broadcom
SOCKS5 heap buffer overflow (CVE-2023-38545)
2023-10-16 00:00:00
freebsd
freebsd
curl -- SOCKS5 heap buffer overflow
2023-09-30 00:00:00
veracode
veracode
Heap Buffer Overflow
2023-10-11 14:40:13
cgr
cgr
CVE-2023-38545 vulnerabilities
2024-05-19 03:07:16
veeam
veeam
Vulnerability Scanner Detection Related to CVE-2023-38545
2023-12-12 00:00:00
Release Information for Veeam Backup & Replication 12.1 and Updates
2023-12-05 00:00:00
Release Information for Veeam Backup & Replication 11a Cumulative Patches
2021-11-26 00:00:00
cvelist
cvelist
CVE-2023-38545
2023-10-18 03:52:00
redhatcve
redhatcve
CVE-2023-38545
2023-10-11 07:12:30
alpinelinux
alpinelinux
CVE-2023-38545
2023-10-18 04:15:11
nvd
nvd
CVE-2023-38545
2023-10-18 04:15:11
cve
cve
CVE-2023-38545
2023-10-18 04:15:11
rosalinux
rosalinux
Advisory ROSA-SA-2024-2379
2024-03-26 11:18:17
redhat
redhat
(RHSA-2024:2011) Important: Satellite Client Async Security Update
2024-04-23 17:14:55
(RHSA-2023:5700) Important: curl security update
2023-10-13 21:38:55
(RHSA-2023:6745) Important: curl security update
2023-11-07 10:08:50
wolfi
wolfi
CVE-2023-38545 vulnerabilities
2024-09-28 21:12:41
fedora
fedora
[SECURITY] Fedora 39 Update: curl-8.2.1-3.fc39
2023-10-16 15:27:49
[SECURITY] Fedora 38 Update: curl-8.0.1-5.fc38
2023-10-14 01:32:18
[SECURITY] Fedora 37 Update: curl-7.85.0-12.fc37
2023-10-28 01:25:37
redos
redos
ROS-20231016-05
2023-10-16 00:00:00
oraclelinux
oraclelinux
curl security update
2023-11-16 00:00:00
curl security update
2023-10-18 00:00:00
qualysblog
qualysblog
Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets
2023-10-06 00:14:06
Oracle Patch Update, January 2024 Security Update Review
2024-01-17 15:29:33
cloudfoundry
cloudfoundry
USN-6429-1: curl vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
slackware
slackware
[slackware-security] curl
2023-10-11 06:45:13
amazon
amazon
Important: curl
2023-10-10 21:19:00
ubuntu
ubuntu
curl vulnerabilities
2023-10-17 00:00:00
curl vulnerabilities
2023-10-11 00:00:00
aix
aix
Multiple vulnerabilities in cURL libcurl affect AIX
2023-12-11 13:22:02
almalinux
almalinux
Important: curl security update
2023-11-07 00:00:00
Important: curl security update
2023-10-17 00:00:00
ics
ics
Rockwell Automation FactoryTalk Activation
2024-01-04 12:00:00
Siemens RUGGEDCOM APE1808
2024-03-14 12:00:00
debian
debian
[SECURITY] [DSA 5523-1] curl security update
2023-10-11 06:58:41
thn
thn
Security Patch for Two New Flaws in Curl Library Arriving on October 11
2023-10-09 10:32:00
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
2023-11-15 05:46:00
mageia
mageia
Updated the curl packages to fix two security vulnerabilities
2023-10-14 01:56:51
cisco
cisco
cURL and libcurl Vulnerability Affecting Cisco Products: October 2023
2023-10-12 16:00:00
paloalto
paloalto
Impact of curl and libcurl Vulnerabilities (CVE-2023-38545, CVE-2023-38546)
2023-10-12 20:40:00
rocky
rocky
curl security update
2023-10-24 18:36:52
kaspersky
kaspersky
KLA61541 Multiple vulnerabilities in Microsoft Windows
2023-10-19 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0113
2023-10-11 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0487
2023-10-11 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0667
2023-10-11 00:00:00
apple
apple
About the security content of macOS Monterey 12.7.3
2024-01-22 00:00:00
About the security content of macOS Ventura 13.6.4
2024-01-22 00:00:00
avleonov
avleonov
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.003
Percentile
68.0%
Related for DEBIANCVE:CVE-2023-38545