PT-2023-3440 · curl

Published 2023-05-17 · Updated 2026-05-18 · CVE-2023-28319

CVSS v2.0: 7.8 (High) · Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: curl (libcurl) versions prior to 8.1.0. The SHA-256 host key fingerprint option was introduced in curl 7.80.0, so the affected range is 7.80.0 through 8.0.1; the fix shipped in 8.1.0.
Description: A use-after-free exists in the code path libcurl uses to verify an SSH server's public key against a SHA-256 fingerprint supplied by the application (CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256, or --hostpubsha256 on the command line). When the server's host key does not match the configured fingerprint, libcurl frees the heap buffer holding the computed fingerprint and then formats an error message that still references that freed buffer. Whatever the allocator has left or placed in that memory by then ends up in the error string, so sensitive heap data from the client process can be inserted into a message that is returned to the application (for example through CURLOPT_ERRORBUFFER), shown to the user, or written to logs. A mismatch is the normal outcome when a server presents an unexpected key, so a malicious or impersonated SSH server can trigger the condition without any cooperation from the client. The exposure is a leak of the client's own memory; the connection itself is still rejected, which matches the vector's C:C/I:N/A:N.
Recommendations: Upgrade curl/libcurl to 8.1.0 or later; the fix is in that release, and the distribution advisories listed under Related Identifiers (for example RHSA-2023:4629 and SUSE-SU-2023:2224-1) carry the backported patch for vendor packages. Do not work around the issue by disabling host key verification: that trades a leak of heap data in an error message for a full man-in-the-middle exposure of the SSH session. If an upgrade cannot be applied immediately, verify the server key by a mechanism that does not use the affected SHA-256 fingerprint path, such as a known_hosts file (CURLOPT_SSH_KNOWNHOSTS in libcurl; the curl tool consults ~/.ssh/known_hosts when the SSH backend supports it). Until the fixed version is in place, treat error strings produced by a host key mismatch as potentially containing heap contents and do not forward them to untrusted parties or unprotected logs. To check a build, run `curl --version`: the first line gives the curl and libcurl versions and names the SSH backend (for example libssh2/1.10.0) when SSH support is compiled in.
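The ordering bug described above, as an added example that is not curl's own code: a minimal C model of the SHA-256 fingerprint check with the vulnerable free-then-format sequence beside the corrected format-then-free sequence. The function names, the fingerprint strings and the buffer sizes are constructed for the demonstration; the real check lives in libcurl's SSH backend and computes the fingerprint from the server's host key at runtime.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ERRBUF_LEN 256

/* Constructed sample fingerprints (base64 text of the right shape, not real
 * host keys): one the application pinned, one a different server presents. */
static const char kPinnedFingerprint[] = "NDE1MDgzNzk5YTA1NTU0YjgyMGEwYjUwMmI4MGQyYjA=";
static const char kRemoteFingerprint[] = "ZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmY=";

/* Stand-in for hashing and base64-encoding the server's host key. The real
 * client computes this at runtime; here the constructed remote value is copied
 * into a fresh heap allocation so that free()/use ordering is the only
 * difference between the two verifiers below. Caller frees. */
static char *hostkey_fingerprint_b64(const char *remote_b64)
{
    size_t n = strlen(remote_b64) + 1;
    char *fp = malloc(n);
    if (fp != NULL)
        memcpy(fp, remote_b64, n);
    return fp;
}

/* Vulnerable ordering: the computed fingerprint is freed and then read again
 * while formatting the error message. The read is undefined behaviour; in
 * practice errbuf receives whatever the allocator left or placed in that
 * region, which is the heap leak the advisory describes. Not called by the
 * test; build with -fsanitize=address and pass --vuln to see the report.
 * Returns 0 on match, 1 on mismatch, -1 on allocation failure. */
int verify_fingerprint_vulnerable(const char *pinned_b64, const char *remote_b64,
                                  char *errbuf, size_t errlen)
{
    char *fp = hostkey_fingerprint_b64(remote_b64);
    if (fp == NULL)
        return -1;
    if (strcmp(fp, pinned_b64) != 0) {
        free(fp);                                   /* BUG: released here... */
        snprintf(errbuf, errlen,
                 "Denied establishing ssh session: mismatch sha256 fingerprint. "
                 "Remote %s is not equal to %s", fp, pinned_b64); /* ...read here */
        return 1;
    }
    free(fp);
    return 0;
}

/* Corrected ordering: format the message while the buffer is still valid,
 * release it afterwards. Same return values as above. */
int verify_fingerprint_fixed(const char *pinned_b64, const char *remote_b64,
                             char *errbuf, size_t errlen)
{
    char *fp = hostkey_fingerprint_b64(remote_b64);
    if (fp == NULL)
        return -1;
    if (strcmp(fp, pinned_b64) != 0) {
        snprintf(errbuf, errlen,
                 "Denied establishing ssh session: mismatch sha256 fingerprint. "
                 "Remote %s is not equal to %s", fp, pinned_b64);
        free(fp);
        return 1;
    }
    free(fp);
    return 0;
}

/* Exercises the corrected verifier with the constructed fingerprints.
 * Returns 1 when a matching key is accepted, a mismatching key is rejected,
 * and the error text carries both fingerprints intact; 0 otherwise. */
int demo_fixed_path(void)
{
    char errbuf[ERRBUF_LEN] = "";
    if (verify_fingerprint_fixed(kPinnedFingerprint, kPinnedFingerprint,
                                 errbuf, sizeof errbuf) != 0)
        return 0;
    if (verify_fingerprint_fixed(kPinnedFingerprint, kRemoteFingerprint,
                                 errbuf, sizeof errbuf) != 1)
        return 0;
    return strstr(errbuf, kRemoteFingerprint) != NULL &&
           strstr(errbuf, kPinnedFingerprint) != NULL;
}

int main(int argc, char **argv)
{
    char errbuf[ERRBUF_LEN] = "";
    int use_vulnerable = argc > 1 && strcmp(argv[1], "--vuln") == 0;
    int rc = use_vulnerable
        ? verify_fingerprint_vulnerable(kPinnedFingerprint, kRemoteFingerprint,
                                        errbuf, sizeof errbuf)
        : verify_fingerprint_fixed(kPinnedFingerprint, kRemoteFingerprint,
                                   errbuf, sizeof errbuf);
    printf("%s verifier: rc=%d\n%s\n",
           use_vulnerable ? "vulnerable" : "fixed", rc, errbuf);
    return rc == 1 ? 0 : 1;
}
```

Build with `cc -g -fsanitize=address uaf_demo.c -o uaf_demo`. `./uaf_demo` prints the intact mismatch message from the fixed path; `./uaf_demo --vuln` makes AddressSanitizer report a heap-use-after-free at the snprintf in verify_fingerprint_vulnerable. Without the sanitizer the vulnerable path often still prints the old fingerprint because the freed bytes have not yet been reused; that is the quiet failure mode of this bug class, not evidence of safety.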

Weakness Enumeration: Use After Free (CWE-416)

Related Identifiers

ALT-PU-2023-1827
ALT-PU-2023-1863
ALT-PU-2023-4357
ALT-PU-2023-5727
AZL-26795
AZL-26807
AZL-26810
AZL-38554
BDU:2023-03622
CLEANSTART-2026-AY18527
CLEANSTART-2026-BW46578
CLEANSTART-2026-DI23929
CLEANSTART-2026-LQ42192
CLEANSTART-2026-OF85770
CVE-2023-28319
MGASA-2023-0263
OPENSUSE-SU-2024:12940-1
RHSA-2023:4629
SUSE-SU-2023:2224-1
SUSE-SU-2023:2224-2
SUSE-SU-2023:2225-1
SUSE-SU-2023_2224-1

Affected Products

ALT Linux
Apple macOS
RED OS
SUSE
curl