Arch Linux Security Advisory ASA-201811-6
========================================
Severity: High
Date    : 2018-11-06
CVE-ID  : CVE-2018-16840
Package : libcurl-gnutls
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-799

Summary
======
The package libcurl-gnutls before version 7.62.0-1 is vulnerable to
arbitrary code execution.

Resolution
=========
Upgrade to 7.62.0-1.

# pacman -Syu "libcurl-gnutls>=7.62.0-1"

The problem has been fixed upstream in version 7.62.0.

Workaround
=========
None.

Description
==========
A heap use-after-free flaw was found in curl versions from 7.59.0
through 7.61.1 in the code related to closing an easy handle. When
closing and cleaning up an 'easy' handle in the `Curl_close()`
function, the library code first frees a struct (without nulling the
pointer) and might then subsequently erroneously write to a struct
field within that already freed struct.

Impact
=====
A malicious remote server might be able to execute arbitrary commands
by closing the connection from a client using easy handlers.

References
=========
https://curl.se/docs/CVE-2018-16840.html
https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
https://security.archlinux.org/CVE-2018-16840

ArchLinux: 201811-6: libcurl-gnutls: arbitrary code execution

November 10, 2018

Summary

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.

Resolution

Upgrade to 7.62.0-1. # pacman -Syu "libcurl-gnutls>=7.62.0-1"
The problem has been fixed upstream in version 7.62.0.

References

https://curl.se/docs/CVE-2018-16840.html https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f https://security.archlinux.org/CVE-2018-16840

Severity
Package : libcurl-gnutls
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-799

Workaround

None.

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved