Severity
9.8 CRITICAL (NVD)
EPSS
0.4%
top 41.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Oct 31, 2018
Latest update: May 13, 2022

Description

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. As the vendor advisories and the HackerOne report below state, the root cause is an integer overflow in the buffer-length calculation of Curl_sasl_create_plain_message() (named Curl_auth_create_plain_message in the HackerOne report) that results in a heap-based buffer overflow. The NVD text names only denial of service, but the CVSS vector rates the impact on confidentiality, integrity and availability as High.
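
The following is an added illustration of the overflow pattern the advisories name, not curl's own code. It builds a SASL PLAIN message (RFC 4616: authzid NUL authcid NUL passwd) with the user name assumed to fill both the authzid and authcid slots, so the required size is 2*ulen + plen + 2; that layout, and the function names used here, are assumptions for the example. The unchecked length function shows how size_t arithmetic wraps for oversized inputs, which in the vulnerable pattern hands malloc() a tiny size before the memcpy() calls write the full credentials; the checked variant refuses such lengths before allocating.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Vulnerable pattern (assumed, not curl's code): size_t arithmetic with no
 * range check. For huge inputs the sum wraps, so malloc() gets a tiny size
 * and the memcpy() calls that follow write far past the allocation. */
size_t plain_len_unchecked(size_t ulen, size_t plen)
{
    return 2 * ulen + plen + 2;          /* wraps modulo SIZE_MAX + 1 */
}

/* Hardened variant: reject any lengths whose sum cannot fit in size_t.
 * Returns 1 and stores the length in *out, or 0 if it would overflow. */
int plain_len_checked(size_t ulen, size_t plen, size_t *out)
{
    if (ulen > SIZE_MAX / 2)             /* 2*ulen must not wrap */
        return 0;
    size_t base = 2 * ulen;
    if (base > SIZE_MAX - 2)             /* room for the two NUL separators */
        return 0;
    if (plen > SIZE_MAX - 2 - base)      /* room for the password */
        return 0;
    *out = base + plen + 2;
    return 1;
}

/* Build the PLAIN message using the checked length. Returns a malloc'd
 * buffer (caller frees) and its length in *outlen, or NULL if the sizes
 * are rejected or allocation fails. Lengths are explicit parameters so
 * credentials that are not NUL-terminated can be passed as well. */
unsigned char *build_plain(const char *user, size_t ulen,
                           const char *passwd, size_t plen, size_t *outlen)
{
    size_t len;
    if (!plain_len_checked(ulen, plen, &len))
        return NULL;
    unsigned char *msg = malloc(len);
    if (!msg)
        return NULL;
    memcpy(msg, user, ulen);             /* authzid (assumed = user name) */
    msg[ulen] = '\0';
    memcpy(msg + ulen + 1, user, ulen);  /* authcid */
    msg[2 * ulen + 1] = '\0';
    memcpy(msg + 2 * ulen + 2, passwd, plen);
    *outlen = len;
    return msg;
}

/* Self-check on constructed credentials (the RFC 4616 example values).
 * Returns 1 when the builder and both length functions behave as described. */
int plain_selftest(void)
{
    static const char expect[] = "tim\0tim\0tanstaaftanstaaf";  /* 24 bytes */
    size_t n = 0;
    unsigned char *m = build_plain("tim", 3, "tanstaaftanstaaf", 16, &n);
    int ok = m && n == 24 && memcmp(m, expect, 24) == 0;
    free(m);
    /* A user name just over SIZE_MAX/2 wraps the unchecked sum to 2 bytes,
     * the size a vulnerable builder would hand to malloc(); the checked
     * version refuses it instead. */
    ok = ok && plain_len_unchecked(SIZE_MAX / 2 + 1, 0) == 2;
    ok = ok && !plain_len_checked(SIZE_MAX / 2 + 1, 0, &n);
    return ok;
}

int main(void)
{
    int ok = plain_selftest();
    printf("selftest %s\n", ok ? "passed" : "FAILED");
    return ok ? 0 : 1;
}
```

The check is placed before the arithmetic rather than after it because, for unsigned types, the wrapped result is a valid-looking small number and cannot be detected once computed; the same reasoning applies to any length sum that feeds an allocator.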

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (4 packages)

Source      Package                    Affected versions
Debian      haxx/curl                  < 7.62.0-1 (+3 more ranges)
Ubuntu      haxx/curl                  < 7.35.0-1ubuntu2.19 (+2 more ranges)
NVD         haxx/curl                  7.33.0 to 7.61.1
CVEListV5   the_curl_project/curl      from 7.33.0 to 7.61.1

Also affects: Debian Linux 8.0, 9.0; Ubuntu Linux 14.04, 16.04, 18.04, 18.10

Patches

🔴 Vulnerability Details (4)

GHSA: GHSA-g54v-fj63-pm34: Curl versions 7… (2022-05-13)
CVEList: CVE-2018-16839: Curl versions 7… (2018-10-31)
OSV: CVE-2018-16839: Curl versions 7… (2018-10-31)
OSV: curl vulnerabilities (2018-10-31)

📋 Vendor Advisories (3)

Ubuntu: curl vulnerabilities (2018-10-31)
Red Hat: curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() (2018-10-31)
Debian: CVE-2018-16839: curl - Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SA... (2018)

💬 Community (4)

HackerOne: Curl_auth_create_plain_message integer overflow leads to heap buffer overflow (2021-01-08)
Bugzilla: CVE-2018-16839 mingw-curl: curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() [epel-7] (2018-10-31)
Bugzilla: CVE-2018-16839 curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() [fedora-all] (2018-10-31)
Bugzilla: CVE-2018-16839 curl: Integer overflow leading to heap-based buffer overflow in Curl_sasl_create_plain_message() (2018-10-24)
CVE-2018-16839 — Heap-based Buffer Overflow in Curl | cvebase