CVE-2023-28320
published 2023-05-26
Priority P4 · 29 · medium · 5.9 (CVSS 3.1)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
2.66%
83.7th percentile
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
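The pattern the description refers to, as an added example (not libcurl's code): a blocking call is timed out with `alarm()` and `siglongjmp()` through one global jump buffer, and a mutex guards that buffer. `demo_resolve`, `timeout_jmp` and `timeout_lock` are hypothetical names, and `sleep()` stands in for the slow resolver call.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* One process-wide jump buffer: the kind of shared state the advisory describes. */
static sigjmp_buf timeout_jmp;
/* Guard so only one thread at a time saves into / jumps through timeout_jmp. */
static pthread_mutex_t timeout_lock = PTHREAD_MUTEX_INITIALIZER;

static void on_alarm(int sig)
{
    (void)sig;
    siglongjmp(timeout_jmp, 1); /* resumes at the most recent sigsetjmp() */
}

/* Constructed stand-in for a blocking name lookup that takes work_seconds.
 * Returns 0 if it finished, -1 if alarm() fired after timeout_seconds. */
int demo_resolve(unsigned int work_seconds, unsigned int timeout_seconds)
{
    struct sigaction sa, old_sa;
    volatile int rc = 0;

    pthread_mutex_lock(&timeout_lock);    /* without this, threads overwrite each other's context */
    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGALRM, &sa, &old_sa);

    if (sigsetjmp(timeout_jmp, 1) == 0) { /* 1: also save the signal mask */
        alarm(timeout_seconds);
        sleep(work_seconds);              /* the "slow operation" */
        alarm(0);                         /* finished in time: cancel the timer */
    } else {
        rc = -1;                          /* arrived here via siglongjmp() */
    }
    sigaction(SIGALRM, &old_sa, NULL);
    pthread_mutex_unlock(&timeout_lock);  /* released on both paths */
    return rc;
}

int main(void)
{
    printf("fast lookup: %d\n", demo_resolve(0, 1));
    printf("slow lookup: %d\n", demo_resolve(3, 1));
    return 0;
}
```

The lock only serialises access to the buffer. `SIGALRM` remains a process-directed signal that may be delivered to any thread that has not blocked it, so a threaded program still has to control which thread receives it.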
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | >= 11.0 < 11.7.9 | 11.7.9 |
| apple | macos | >= 12.0 < 12.6.8 | 12.6.8 |
| apple | macos | >= 13.0 < 13.5 | 13.5 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | macos_ventura | — | — |
| debian | curl | < curl 7.88.1-10 (bookworm) | curl 7.88.1-10 (bookworm) |
| haxx | curl | < 8.1.0 | 8.1.0 |
| haxx | curl | >= 0 < 7.88.1-10 | 7.88.1-10 |
| haxx | curl | >= 0 < 7.88.1-10 | 7.88.1-10 |
| haxx | curl | >= 0 < 7.88.1-10 | 7.88.1-10 |
| https | github.com_curl_curl | — | — |
| msrc | azl3_cmake_3.21.4-10_on_azure_linux_3.0 | — | — |
| msrc | azl3_cmake_3.28.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.75.0-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.86.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_tensorflow_2.11.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_tensorflow_2.16.1-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_cmake_3.21.4-11_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_curl_8.2.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_mysql_8.0.34-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_rust_1.72.0-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_tensorflow_2.11.1-2_on_cbl_mariner_2.0 | — | — |
CVSS provenance
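| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| osv | — | 5.9 | MEDIUM | — |
| vendor_debian | — | 5.9 | LOW | — |
| vendor_msrc | — | 5.9 | MEDIUM | — |
| vendor_redhat | — | 5.9 | MEDIUM | — |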
CISA ICS
Siemens SINEC NMS
cisa_ics·2024-02-15
ICS Advisory
Release Date: February 15, 2024
Alert Code: ICSA-24-046-15
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Out-of-bounds Read, Inadequate Encryption Strength, Double Free, Use After Free, NULL Pointer Dereference, Improper Input Validation, Missing Encryption of Sensitive Data, Allocation of Resources Wit
Apple
CVE-2023-28320: macOS Big Sur 11.7.9
vendor_apple·2023-07-24·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: macOS Big Sur 11.7.9
Apple Security Update: About the security content of macOS Big Sur 11.7.9
Product: macOS Big Sur
Version: 11.7.9
CVE: CVE-2023-28320
Component: CVE-2023-28320
Apple
CVE-2023-28320: macOS Ventura 13.5
vendor_apple·2023-07-24·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: macOS Ventura 13.5
Apple Security Update: About the security content of macOS Ventura 13.5
Product: macOS Ventura
Version: 13.5
CVE: CVE-2023-28320
Component: CVE-2023-28320
Apple
CVE-2023-28320: macOS Monterey 12.6.8
vendor_apple·2023-07-24·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: macOS Monterey 12.6.8
Apple Security Update: About the security content of macOS Monterey 12.6.8
Product: macOS Monterey
Version: 12.6.8
CVE: CVE-2023-28320
Component: CVE-2023-28320
Red Hat
curl: siglongjmp race condition may lead to crash
vendor_redhat·2023-05-17·CVSS 5.9
CVE-2023-28320 [MEDIUM] CWE-662 curl: siglongjmp race condition may lead to crash
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
Statement: This vulnerability does not affect versions of the curl package as shipped with Red Hat Enterprise Linux 6, 7, 8 and 9.
Package: rh-dotnet31-curl (.NET Core 3.1 on Red Hat Enterprise Linux) - Out of support scope
Package: curl (Red Hat Enterprise Linux 6) - Out of support scope
Packa
Microsoft
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names selected at build time. If it is built to use the synchronous r
vendor_msrc·2023-05-09·CVSS 5.9
CVE-2023-28320 [MEDIUM] CWE-362 A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names selected at build time. If it is built to use the synchronous r
A denial of service vulnerability exists in curl
Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
hackerone: hackerone
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.micr
Debian
CVE-2023-28320: curl - A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl prov...
vendor_debian·2023·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: curl - A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl prov...
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
Scope: local
bookworm: resolved (fixed in 7.88.1-10)
bullseye: open
forky: resolved (fixed in 7.88.1-10)
sid: resolved (fixed in 7.88.1-10)
trixie: resolved (fixed in 7.88.1-10)
OSV
CVE-2023-28320: A denial of service vulnerability exists in curl <v8
osv·2023-05-26·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: A denial of service vulnerability exists in curl <v8
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
GHSA
GHSA-c8wj-435x-f2cc: A denial of service vulnerability exists in curl <v8
ghsa_unreviewed·2023-05-26
CVE-2023-28320 [MEDIUM] CWE-362 GHSA-c8wj-435x-f2cc: A denial of service vulnerability exists in curl <v8
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
No detection rules found.
No public exploits indexed.
HackerOne
CVE-2023-28320 - siglongjmp race condition
hackerone·2023-05-26·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320 - siglongjmp race condition
libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm() and siglongjmp().
When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
## Impact
Denial of service due to a crash (likely) or possibly other impacts.
HackerOne
CVE-2023-28320: siglongjmp race condition
hackerone·2023-05-17·CVSS 5.9
CVE-2023-28320 [MEDIUM] CVE-2023-28320: siglongjmp race condition
## Summary:
If the system has no POSIX or Windows threading support, the `USE_ALARM_TIMEOUT` codepath will be used in `lib/hostip.c`. If two threads perform DNS resolving, a wrong register context can be used in the signal handler's `siglongjmp` call if a DNS timeout occurs. Typically this results in a segmentation fault, but depending on platform specifics other impacts might be possible (but unlikely).
The documentation warns against this very issue in https://curl.se/libcurl/c/threadsafe.html `It is important that libcurl can find and use thread safe versions of these and other system calls, as otherwise it cannot function fully thread safe.` The issue is that there is no way for the application using libcurl to know if the library is MT safe for DN
- http://seclists.org/fulldisclosure/2023/Jul/47
- http://seclists.org/fulldisclosure/2023/Jul/48
- http://seclists.org/fulldisclosure/2023/Jul/52
- https://hackerone.com/reports/1929597
- https://security.gentoo.org/glsa/202310-12
- https://security.netapp.com/advisory/ntap-20230609-0009/
- https://support.apple.com/kb/HT213843
- https://support.apple.com/kb/HT213844
- https://support.apple.com/kb/HT213845