CVE-2016-8617

Name of the Vulnerable Software and Affected Versions curl versions prior to 7.51.0

Description The base64 encode function in curl is prone to a buffer being under allocated in 32-bit systems if it receives a large input, at least 1Gb, via CURLOPT USERNAME. This issue occurs due to the multiplication in the buffer allocation expression wrapping around for large input sizes, resulting in an undersized output buffer being allocated. The full result is then written, causing the memory behind the output buffer to be overwritten. This can be triggered by setting a username directly via CURLOPT USERNAME with a name that is at least 512MB big in a 32-bit system. Systems with 64-bit versions of the size t type are not affected by this issue.

Recommendations For versions prior to 7.51.0, update to version 7.51.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of large usernames via CURLOPT USERNAME to minimize the risk of exploitation. Restrict access to the CURLOPT USERNAME option to prevent potential attacks.