Bug 2078388 (CVE-2022-27775)

Summary: CVE-2022-27775 curl: bad local IPv6 connection reuse
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: andrew.slice, bodavis, csutherl, dbhole, drusek, erik-fedora, gzaronik, hhorak, jclere, jorton, jwon, kanderso, kdudka, luhliari, lvaleeva, mike, msekleta, mturk, omajid, paul, pjindal, rwagner, ryanhammerdick, security-response-team, svashisht, szappis
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: curl 7.83.0 Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in curl. This security flaw occurs due to errors in the logic where the config matching function did not take the IPv6 address zone id into account. This issue can lead to curl reusing the wrong connection when one transfer uses a zone id, and the subsequent transfer uses another.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-12-06 16:33:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2078743, 2079171, 2079172    
Bug Blocks: 2077543    

Description Marian Rehak 2022-04-25 08:00:42 UTC 
Due to errors in the logic, the config matching function did not take the IPv6 address zone id into account which could lead to libcurl reusing wrong
connection when one transfer uses a zone id and subsequent transfer uses another.
Comment 3 Sandipan Roy 2022-04-27 06:36:02 UTC 
https://curl.se/docs/CVE-2022-27775.html
Comment 4 Sandipan Roy 2022-04-27 06:37:34 UTC 
Created curl tracking bugs for this issue:

Affects: fedora-all [bug 2079171]


Created mingw-curl tracking bugs for this issue:

Affects: fedora-all [bug 2079172]
Comment 6 errata-xmlrpc 2022-11-15 10:52:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:8299 https://access.redhat.com/errata/RHSA-2022:8299
Comment 7 Product Security DevOps Team 2022-12-06 16:33:09 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-27775