libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary strings in HTTP formposts and more. Having a weak or virtually non-existent random there makes these operations vulnerable. This function is brand new in 7.52.0 External References: https://curl.haxx.se/docs/adv_20161223.html Upstream patch: https://curl.haxx.se/CVE-2016-9594.patch
Acknowledgments: Name: Kamil Dudka (Red Hat)
Vulnerable version is not shipped anywhere across our products.