GoogleOSV:CVE-2024-2398CVE-2024-2398
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%
When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
References
www.openwall.com/lists/oss-security/2024/03/27/3
curl.se/docs/CVE-2024-2398.html
curl.se/docs/CVE-2024-2398.json
hackerone.com/reports/2402845
lists.fedoraproject.org/archives/list/[email protected]/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/
lists.fedoraproject.org/archives/list/[email protected]/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/
security.netapp.com/advisory/ntap-20240503-0009/
Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%