When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
Created curl tracking bugs for this issue:
Affects: fedora-all [bug 2209338]

Created mingw-curl tracking bugs for this issue:
Affects: fedora-all [bug 2209339]
Hello,

while doing review of the Vulnerability Assessment report of RHEL 8.6 for the purpose of Common Criteria certification, we came across this CVE. The CVE page https://access.redhat.com/security/cve/CVE-2023-28322 has the Statement:

"This vulnerability does not affect the Curl package as shipped in Red Hat Enterprise Linux 6, 7 and 8."

What is the specific reason why RHEL 8 is not affected?

Thank you,
Jan
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4354 https://access.redhat.com/errata/RHSA-2023:4354
This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2023:4628 https://access.redhat.com/errata/RHSA-2023:4628
This issue has been addressed in the following products: JBoss Core Services on RHEL 7 JBoss Core Services for RHEL 8 Via RHSA-2023:4629 https://access.redhat.com/errata/RHSA-2023:4629
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:5598 https://access.redhat.com/errata/RHSA-2023:5598
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0428 https://access.redhat.com/errata/RHSA-2024:0428
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0585 https://access.redhat.com/errata/RHSA-2024:0585
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1601 https://access.redhat.com/errata/RHSA-2024:1601