PT-2023-3440 · Curl+4 · Curl+4

Wct

Publicado

2023-05-17

Atualizado

2026-05-18

CVE-2023-28319

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions curl versions prior to 8.1.0

Description A use after free issue exists in the way libcurl verifies an SSH server's public key using a SHA 256 hash. When this check fails, libcurl frees the memory for the fingerprint before returning an error message containing the now freed hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.

Recommendations For versions prior to 8.1.0, update to version 8.1.0 or later to resolve the issue. As a temporary workaround, consider disabling the SSH server's public key verification feature using a SHA 256 hash until a patch is available. Restrict access to sensitive information that may be leaked due to this flaw to minimize the risk of exploitation.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2023-1827

ALT-PU-2023-1863

ALT-PU-2023-4357

ALT-PU-2023-5727

AZL-26795

AZL-26807

AZL-26810

AZL-38554

BDU:2023-03622

CLEANSTART-2026-AY18527

CLEANSTART-2026-BW46578

CLEANSTART-2026-DI23929

CLEANSTART-2026-LQ42192

CLEANSTART-2026-OF85770

CVE-2023-28319

MGASA-2023-0263

OPENSUSE-SU-2024:12940-1

RHSA-2023:4629

SUSE-SU-2023:2224-1

SUSE-SU-2023:2224-2

SUSE-SU-2023:2225-1

SUSE-SU-2023_2224-1

Produtos afetados

Alt Linux

Apple Macos

Red Os

Suse

Curl

PT-2023-3440 · Curl+4 · Curl+4

CVE-2023-28319

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 334