diff options
Diffstat (limited to 'security/vuxml/attachment.cgi?id=244811')
| -rw-r--r-- | security/vuxml/attachment.cgi?id=244811 | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/security/vuxml/attachment.cgi?id=244811 b/security/vuxml/attachment.cgi?id=244811 new file mode 100644 index 000000000000..20c93ef1ae8f --- /dev/null +++ b/security/vuxml/attachment.cgi?id=244811 @@ -0,0 +1,57 @@ +From 7ea414f0f67c4e6e54d86d54fd639ff476d9af73 Mon Sep 17 00:00:00 2001 +From: Yasuhiro Kimura <yasu@FreeBSD.org> +Date: Thu, 14 Sep 2023 00:15:37 +0900 +Subject: [PATCH] security/vuxml: Document "eat all memory" vulnerability in + curl + +--- + security/vuxml/vuln/2023.xml | 36 ++++++++++++++++++++++++++++++++++++ + 1 file changed, 36 insertions(+) + +diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml +index eb3c8fd68d81..862e66ee01b6 100644 +--- a/security/vuxml/vuln/2023.xml ++++ b/security/vuxml/vuln/2023.xml +@@ -1,3 +1,39 @@ ++ <vuln vid="833b469b-5247-11ee-9667-080027f5fec9"> ++ <topic>curl -- HTTP headers eat all memory</topic> ++ <affects> ++ <package> ++ <name>curl</name> ++ <range><lt>8.3.0</lt></range> ++ </package> ++ </affects> ++ <description> ++ <body xmlns="http://www.w3.org/1999/xhtml"> ++ <p>selmelc on hackerone reports:</p> ++ <blockquote cite="https://curl.se/docs/CVE-2023-38039.html"> ++ <p> ++ When curl retrieves an HTTP response, it stores the ++ incoming headers so that they can be accessed later via ++ the libcurl headers API. ++ </p> ++ <p> ++ However, curl did not have a limit in how many or how ++ large headers it would accept in a response, allowing a ++ malicious server to stream an endless series of headers ++ and eventually cause curl to run out of heap memory. ++ </p> ++ </blockquote> ++ </body> ++ </description> ++ <references> ++ <cvename>CVE-2023-38039</cvename> ++ <url>https://curl.se/docs/CVE-2023-38039.html HERE</url> ++ </references> ++ <dates> ++ <discovery>2023-09-13</discovery> ++ <entry>2023-09-13</entry> ++ </dates> ++ </vuln> ++ + <vuln vid="b5508c08-547a-11ee-85eb-84a93843eb75"> + <topic>Roundcube -- XSS vulnerability</topic> + <affects> +-- +2.42.0 + |