CVE-2021-22945

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

References

https://hackerone.com/reports/1269242

https://lists.fedoraproject.org/archives/list/[email protected]/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-09-23

Updated: 2021-10-20

Type: CWE-415

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 9.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Impact Score: 5.2

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from 7.73.0 to 7.78.0 (inclusive)

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
153812FreeBSD : cURL -- Multiple vulnerabilities (c9221ec9-17a2-11ec-b335-d4c9ef517024)NessusFreeBSD Local Security Checks
critical
153505Photon OS 2.0: Curl PHSA-2021-2.0-0392NessusPhotonOS Local Security Checks
critical
153503Photon OS 1.0: Curl PHSA-2021-1.0-0434NessusPhotonOS Local Security Checks
critical
153500Photon OS 3.0: Curl PHSA-2021-3.0-0301NessusPhotonOS Local Security Checks
critical
153494Photon OS 4.0: Curl PHSA-2021-4.0-0102NessusPhotonOS Local Security Checks
critical
153430Slackware Linux 14.0 / 14.1 / 14.2 / current curl Multiple Vulnerabilities (SSA:2021-258-01)NessusSlackware Local Security Checks
critical
153407Ubuntu 18.04 LTS / 20.04 LTS / 21.04 : curl vulnerabilities (USN-5079-1)NessusUbuntu Local Security Checks
critical