Bug 2252034 (CVE-2023-46219)
Summary: | CVE-2023-46219 curl: excessively long file name may lead to unknown HSTS status | | |
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
Status: | NEW --- | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | | |
Version: | unspecified | CC: | bbuckingham, bcourt, csutherl, ehelms, jclere, jsherril, lzap, mhulan, mturk, nmoumoul, orabin, pcreech, peholase, pjindal, plodge, rchan, security-response-team, szappis |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | curl 8.5.0 | Doc Type: | If docs needed, set a value |
Doc Text: | A security bypass flaw was found in Curl, which can be triggered by saving HSTS data to an excessively long file name. This issue occurs due to an error in handling HSTS long file names, leading to the removal of all contents from the file during the save process, and may allow a remote attacker to send a specially crafted request to use files without awareness of the HSTS status and enable a Man-in-the-Middle (MitM) attack. | | |
Story Points: | --- | | |
Clone Of: | | Environment: | |
Last Closed: | | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |
Bug Depends On: | 2254386, 2253143 | | |
Bug Blocks: | 2252024 | | |
Description
Marian Rehak
2023-11-29 06:18:05 UTC
This is public now: https://seclists.org/oss-sec/2023/q4/262
https://daniel.haxx.se/blog/2023/12/06/curl-8-5-0/
Created curl tracking bugs for this issue:
Affects: fedora-all [bug 2253143]
This issue has been addressed in the following products:
Red Hat JBoss Core Services
Via RHSA-2024:1317 https://access.redhat.com/errata/RHSA-2024:1317
This issue has been addressed in the following products:
JBoss Core Services on RHEL 7
JBoss Core Services for RHEL 8
Via RHSA-2024:1316 https://access.redhat.com/errata/RHSA-2024:1316
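The Doc Text above describes the failure class behind this CVE: a save to an excessively long file name that ends with the HSTS file emptied, so later requests run without the HSTS status they should enforce. The Python below is an added illustration, not curl's code and not the fix shipped in curl 8.5.0, and it does not model curl's internal mechanism. It contrasts a truncate-first save with a write-to-scratch-then-rename save on a file whose name already fills NAME_MAX, so that a scratch name derived by appending a suffix cannot be created. `SAMPLE_ENTRY`, `fragile_save`, `safe_save`, `name_max` and `demonstrate` are constructed for this example; the sample content only stands in for an HSTS cache entry and is not curl's file format.

```python
import errno
import os
import tempfile

# Constructed stand-in for one HSTS cache entry (not curl's real file format).
SAMPLE_ENTRY = b'example.com "20991231 23:59:59"\n'


def fragile_save(path: str, data: bytes) -> None:
    """Truncate-first save: a simplified model of the failure class in the
    advisory, not curl's implementation. The destination is emptied before
    the scratch file is created, so when the derived (longer) scratch name
    cannot be opened, an empty file is left behind."""
    with open(path, "wb"):
        pass                          # destination is now zero bytes
    scratch = path + ".tmp"           # derived name is longer than the destination
    with open(scratch, "wb") as fh:   # raises OSError(ENAMETOOLONG) at NAME_MAX
        fh.write(data)
    os.replace(scratch, path)


def safe_save(path: str, data: bytes) -> bool:
    """Write-to-scratch-then-rename. The destination is never opened for
    writing; if the scratch file cannot be created or written, the caller
    gets False and the previous contents survive untouched."""
    scratch = path + ".tmp"
    try:
        fd = os.open(scratch, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except OSError:
        return False                  # fail closed: old file is still intact
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(scratch, path)     # atomic replacement on POSIX
        return True
    except OSError:
        try:
            os.unlink(scratch)
        except OSError:
            pass
        return False


def name_max(directory: str) -> int:
    """Longest file name the filesystem accepts (assumption: 255 if unknown)."""
    try:
        limit = os.pathconf(directory, "PC_NAME_MAX")
    except (AttributeError, OSError, ValueError):
        limit = -1
    return limit if limit > 0 else 255


def demonstrate() -> dict:
    """Run both savers against a file whose name already fills NAME_MAX and
    report what is left on disk after each attempt."""
    result = {}
    with tempfile.TemporaryDirectory() as d:
        longest = os.path.join(d, "h" * name_max(d))
        with open(longest, "wb") as fh:
            fh.write(SAMPLE_ENTRY)

        try:
            fragile_save(longest, SAMPLE_ENTRY)
            result["fragile_name_too_long"] = False
        except OSError as e:
            result["fragile_name_too_long"] = e.errno == errno.ENAMETOOLONG
        with open(longest, "rb") as fh:
            result["after_fragile"] = fh.read()      # b"": contents are gone

        with open(longest, "wb") as fh:             # restore for the second run
            fh.write(SAMPLE_ENTRY)
        result["safe_ok"] = safe_save(longest, SAMPLE_ENTRY)
        with open(longest, "rb") as fh:
            result["after_safe"] = fh.read()         # unchanged entry

        short = os.path.join(d, "hsts.txt")          # ordinary name: save succeeds
        result["safe_short_ok"] = safe_save(short, SAMPLE_ENTRY)
        with open(short, "rb") as fh:
            result["after_safe_short"] = fh.read()
    return result


if __name__ == "__main__":
    for key, value in demonstrate().items():
        print(f"{key}: {value!r}")
```

The two savers use the same derived scratch name, so the difference is purely ordering: `safe_save` proves it can create the scratch file before it touches the destination, and reports failure instead of silently leaving an empty cache. A caller that treats `False` as a hard error (and logs it) keeps the old HSTS entries in force rather than downgrading later requests.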