Select your cookie preferences

We use cookies and similar tools to enhance your experience, provide our services, deliver relevant advertising, and make improvements. Approved third parties also use these tools to help us deliver advertising and provide certain site features.

CVE-2023-38545

Public on 2023-10-11
Modified on 2024-02-01
Description

An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code.

When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the resolution. In cases where the hostname is greater than 255 characters in length, curl will instead attempt to perform the resolution locally and then pass the resolved IP to the proxy for its use. Due to an issue in the curl source code, the logic that determines whether curl should resolve the name locally or pass it to the proxy for resolution could make an incorrect decision when a slow SOCKS5 handshake occurs. If this occurs, curl may inadvertently copy an excessively long host name, rather than the resolved address, into the target buffer being prepared for transmission to the proxy, resulting in a buffer overflow.

Severity
Important
See what this means
CVSS v3 Base Score
8.1
See breakdown
Continue reading

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 2 - Core curl 2023-10-10 21:19 ALAS2-2023-2287
Amazon Linux 2023 curl 2023-10-10 19:32 ALAS2023-2023-377

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD CVSSv3 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H