Heap Use-After-Free Vulnerability in cURL by Daniel Stenberg
CVE-2018-16840

9.8CRITICAL

Key Information:

Vendor

The Curl Project

Status
Curl
Vendor
CVE Published:
31 October 2018

What is CVE-2018-16840?

A heap use-after-free vulnerability exists in cURL versions 7.59.0 to 7.61.1. The issue arises in the handling of 'easy' handles, where the Curl_close() function improperly frees a struct without nullifying its pointer. This oversight can lead to unintentional writes to fields in memory that have already been freed, potentially causing application instability or other unintended behaviors.

Affected Version(s)

curl from 7.59.0 to 7.61.1

References

https://security.gentoo.org/glsa/201903-03
vendor-advisoryx_refsource_GENTOO
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16840
x_refsource_CONFIRM
https://github.com/curl/curl/commit/81d135d67155c5295b103...
x_refsource_CONFIRM

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.