CVE-2024-2379
Published: 2024-03-27
CVE-2024-2379: libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL
Priority: P4 · Severity: medium · CVSS 3.1 base score: 6.3
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS: 1.71% (74.4th percentile)
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 12.7.6 | 12.7.6 |
| apple | macos | >= 13.0 < 13.6.8 | 13.6.8 |
| apple | macos | >= 14.0 < 14.6 | 14.6 |
| apple | macos_monterey | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| curl | curl | 8.6.0 only | — |
| debian | curl | < curl 8.7.1-1 (forky) | curl 8.7.1-1 (forky) |
| haxx | curl | — | — |
| haxx | curl | >= 0 < 8.7.1-1 | 8.7.1-1 |
| msrc | azl3_cmake_3.29.6-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_cmake_3.30.3-2_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
| osv | — | 6.3 | MEDIUM | — |
| vendor_debian | — | 6.3 | LOW | — |
| vendor_msrc | — | 6.3 | MEDIUM | — |
| vendor_redhat | — | 6.3 | MEDIUM | — |
CISA ICS
Siemens SINEC NMS (ICS Advisory)
cisa_ics·2024-11-14
Release Date: November 14, 2024
Alert Code: ICSA-24-319-04
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Out-of-bounds Write, Uncontro
CISA ICS
Siemens SINEMA (ICS Advisory) [CRITICAL]
cisa_ics·2024-09-12·CVSS 9.8
Release Date: September 12, 2024
Alert Code: ICSA-24-256-10
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 5.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEMA
- Vulnerabilities: Use After Free, Improper Input Validation, Improper Certificate Validation, Missing Release of Resource after Effective Lifetime, Improper Validation of Certificate with Host Mismatch, Insufficient Sessi
Apple
CVE-2024-2379: macOS Ventura 13.6.8
vendor_apple·2024-07-29·CVSS 6.3 [MEDIUM]
Apple Security Update: About the security content of macOS Ventura 13.6.8
Product: macOS Ventura
Version: 13.6.8
CVE: CVE-2024-2379
Component: curl
Apple
CVE-2024-2379: macOS Sonoma 14.6
vendor_apple·2024-07-29·CVSS 6.3 [MEDIUM]
Apple Security Update: About the security content of macOS Sonoma 14.6
Product: macOS Sonoma
Version: 14.6
CVE: CVE-2024-2379
Component: curl
Apple
CVE-2024-2379: macOS Monterey 12.7.6
vendor_apple·2024-07-29·CVSS 6.3 [MEDIUM]
Apple Security Update: About the security content of macOS Monterey 12.7.6
Product: macOS Monterey
Version: 12.7.6
CVE: CVE-2024-2379
Component: curl
Red Hat
curl: QUIC certificate check bypass with wolfSSL
vendor_redhat·2024-03-27·CVSS 6.3 [MEDIUM] · CWE-295
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
A flaw was found in curl. When libcurl is built to use wolfSSL as the TLS backend, it skips certificate verification for a QUIC connection if an unknown/bad cipher or curve is used.
Statement: The curl package as shipped by Red Hat Enterprise Linux and RHSCL is not affected by this vulnerability because it does not have support for wolfSSL.
Package: curl (Red Hat Enterprise Linux 10) - Not affected
Package: curl (Red Hat Enterprise Linux 6) - Not affected
Package: curl
Microsoft
QUIC certificate check bypass with wolfSSL
vendor_msrc·2024-03-12·CVSS 6.3 [MEDIUM] · CWE-295
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Product: Mariner
Package: curl
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/
Debian
CVE-2024-2379: curl - libcurl skips the certificate verification for a QUIC connection under certain c...
vendor_debian·2024·CVSS 6.3 [MEDIUM]
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 8.7.1-1)
sid: resolved (fixed in 8.7.1-1)
trixie: resolved (fixed in 8.7.1-1)
OSV
CVE-2024-2379: libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL
osv·2024-03-27·CVSS 6.3 [MEDIUM]
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
GHSA
GHSA-wr4c-gwg7-p734: libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL
ghsa_unreviewed·2024-03-27 [MEDIUM] · CWE-295
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
No detection rules found.
No public exploits indexed.
HackerOne
CVE-2024-2379: QUIC certificate check bypass with wolfSSL
hackerone·2024-03-29·CVSS 6.3 [MEDIUM]
See https://hackerone.com/reports/2410774 or https://curl.se/docs/CVE-2024-2379.html
## Impact
See https://hackerone.com/reports/2410774 or https://curl.se/docs/CVE-2024-2379.html
CVE-2024-2379
QUIC certificate check bypass with wolfSSL
VULNERABILITY
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
INFO
To trigger, this issue also requires that the used wolfSSL library was built with the OPENSSL_COMPATIBLE_DEFAULTS symbol set, which is not set for the recommended configure --enable-curl builds.
The Common V
HackerOne
CVE-2024-2379: QUIC certificate check bypass with wolfSSL
hackerone·2024-03-27·CVSS 6.3 [MEDIUM]
## Summary:
In `vquic-tls.c` `curl_wssl_init_ctx` errors are handled by `goto out` and having `result` be set to an error code to be returned. At the beginning of the function `result` is correctly set to `CURLE_FAILED_INIT`, which allows for `goto out` to work correctly without having to set `result`. However, `result`'s value is overridden at a certain point if `ctx_setup` is passed to the function. If `ctx_setup` returns 0 (the expected result) then it's assigned to `result`, and any attempt after that to `goto out` without setting `result` to an error code will make the function skip the rest of its initialization and return with an error code indicating success.
Unfortunately the last thing `curl_wssl_init_ctx` is supposed to se
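The control-flow mistake the report describes, modelled as an added example in C. This is not curl's `vquic-tls.c`: the names `init_ctx_vulnerable`, `init_ctx_fixed`, `setup_cb`, `set_cipher_list` and the `RES_*` codes are stand-ins, and `set_cipher_list` accepts a single constructed cipher name in place of wolfSSL's real cipher-list check. The vulnerable variant reuses `result` after the setup hook has written 0 into it, so the cipher error path returns success without ever arming verification; the fixed variant assigns an error code on every failure path.

```c
/* Added example (not curl's code): model of the error-path bug described in
 * the HackerOne summary. All names here are illustrative stand-ins. */
#include <stdio.h>
#include <string.h>

/* Stand-ins for CURLE_OK, CURLE_FAILED_INIT and CURLE_SSL_CIPHER */
enum { RES_OK = 0, RES_FAILED_INIT = 2, RES_SSL_CIPHER = 59 };

struct tls_ctx {
    int cipher_set;    /* cipher list accepted by the modelled backend */
    int verify_armed;  /* peer certificate verification hooked up */
};

typedef int (*setup_cb)(struct tls_ctx *c);

/* Optional per-connection hook, like ctx_setup in the report: 0 = success. */
static int setup_ok(struct tls_ctx *c) { (void)c; return 0; }

/* Models a backend call that rejects unknown cipher names; only one
 * constructed name is "known" here. Returns 1 on success, 0 on a bad name. */
static int set_cipher_list(struct tls_ctx *c, const char *list)
{
    if (strcmp(list, "TLS13-AES256-GCM-SHA384") == 0) {
        c->cipher_set = 1;
        return 1;
    }
    return 0;
}

/* Vulnerable shape: once setup() succeeds, result holds 0. The cipher error
 * path jumps to out without assigning an error, so the caller sees RES_OK
 * while verify_armed is still 0. */
int init_ctx_vulnerable(struct tls_ctx *c, setup_cb setup, const char *ciphers)
{
    int result = RES_FAILED_INIT;
    memset(c, 0, sizeof *c);
    if (setup) {
        result = setup(c);       /* 0 on success: result is now RES_OK */
        if (result)
            goto out;
    }
    if (ciphers && !set_cipher_list(c, ciphers))
        goto out;                /* BUG: result not set to an error code */
    c->verify_armed = 1;         /* the step the bad path skips */
    result = RES_OK;
out:
    return result;
}

/* Fixed shape: every failure path assigns its own error code before out,
 * so a stale success value can never leak through. */
int init_ctx_fixed(struct tls_ctx *c, setup_cb setup, const char *ciphers)
{
    int result = RES_FAILED_INIT;
    memset(c, 0, sizeof *c);
    if (setup) {
        result = setup(c);
        if (result)
            goto out;
    }
    if (ciphers && !set_cipher_list(c, ciphers)) {
        result = RES_SSL_CIPHER;
        goto out;
    }
    c->verify_armed = 1;
    result = RES_OK;
out:
    return result;
}

/* 1 if the vulnerable variant reports success for a bad cipher while
 * leaving verification unarmed: the CVE condition. */
int vulnerable_bug_manifests(void)
{
    struct tls_ctx c;
    int r = init_ctx_vulnerable(&c, setup_ok, "BOGUS-CIPHER");
    return r == RES_OK && !c.verify_armed;
}

/* Without the setup hook result keeps RES_FAILED_INIT, so the hook must
 * run first for the bug to show, as the report says. */
int vulnerable_result_without_setup(void)
{
    struct tls_ctx c;
    return init_ctx_vulnerable(&c, NULL, "BOGUS-CIPHER");
}

int fixed_result_for_bad_cipher(void)
{
    struct tls_ctx c;
    return init_ctx_fixed(&c, setup_ok, "BOGUS-CIPHER");
}

/* 1 if the fixed variant succeeds and arms verification for a known cipher. */
int fixed_arms_verify_for_good_cipher(void)
{
    struct tls_ctx c;
    int r = init_ctx_fixed(&c, setup_ok, "TLS13-AES256-GCM-SHA384");
    return r == RES_OK && c.verify_armed;
}

int main(void)
{
    printf("vulnerable: bad cipher returns OK with verify unarmed: %s\n",
           vulnerable_bug_manifests() ? "yes" : "no");
    printf("fixed: bad cipher returns %d; good cipher arms verify: %s\n",
           fixed_result_for_bad_cipher(),
           fixed_arms_verify_for_good_cipher() ? "yes" : "no");
    return 0;
}
```

The pattern to look for in review is any function that initialises `result` to a failure value and later lets a callee's return value overwrite it: from that point on, a bare `goto out` silently means success. Reinitialising `result` to a failure code after each such assignment, or assigning an explicit code on every error path as the fixed variant does, closes the hole.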
Bugzilla
CVE-2024-2379 curl: QUIC certificate check bypass with wolfSSL
bugzilla·2024-03-20·CVSS 6.3 [MEDIUM]
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
To trigger, this issue also requires that the used wolfSSL library was built with the `OPENSSL_COMPATIBLE_DEFAULTS` symbol set, which is **not** set for the recommended `configure --enable-curl` builds.
This flaw is also accessible using the curl command line tool.
Reference:
https://curl.se/docs/CVE-2024-2379.html
Upstream patch:
https://github.com/curl/curl/commit/aedbbdf18e689a5eee8dc396
Discussion:
This issue has been addressed in the following produ
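The curl advisory INFO text and the Bugzilla entry above give the trigger conditions: curl 8.6.0 built with wolfSSL, HTTP/3 (QUIC) enabled, and a wolfSSL built with OPENSSL_COMPATIBLE_DEFAULTS. The first three are visible in `curl -V` output; the fourth is not. As an added example (not from curl or any vendor advisory), the C program below parses saved `curl -V` output against those three curl-side conditions. The sample outputs are constructed, the function and type names are this example's own, and the version range applied is the one the Affected table gives for curl itself (8.6.0 only), not the Debian-derived package ranges.

```c
/* Added example (not curl's code): triage saved `curl -V` output against
 * the curl-side preconditions of CVE-2024-2379: curl 8.6.0, wolfSSL as the
 * TLS backend, HTTP3 listed under Features. Sample outputs are constructed. */
#include <stdio.h>
#include <string.h>

enum exposure {
    NOT_AFFECTED = 0,        /* at least one curl-side precondition is missing */
    CHECK_WOLFSSL_BUILD = 1, /* all three hold; OPENSSL_COMPATIBLE_DEFAULTS in the
                                wolfSSL build must still be confirmed by hand */
    UNKNOWN = 2              /* output could not be parsed */
};

struct build_info {
    int major, minor, patch;
    int wolfssl;  /* version line names wolfSSL/<ver> */
    int http3;    /* Features: line lists HTTP3 */
};

/* Length of the line starting at s, without its newline. */
static size_t line_len(const char *s)
{
    const char *nl = strchr(s, '\n');
    return nl ? (size_t)(nl - s) : strlen(s);
}

/* 1 if the line at s has a space-separated token equal to word, or, when
 * prefix_ok is set, a token that starts with word (e.g. "wolfSSL/5.6.6"). */
static int line_has_token(const char *s, const char *word, int prefix_ok)
{
    size_t len = line_len(s), wl = strlen(word);
    for (size_t i = 0; i + wl <= len; i++) {
        int left = (i == 0) || s[i - 1] == ' ';
        int right = prefix_ok || (i + wl == len) || s[i + wl] == ' ';
        if (left && right && strncmp(s + i, word, wl) == 0)
            return 1;
    }
    return 0;
}

/* Fills bi from the text; returns 0 if the "curl X.Y.Z" line is unreadable. */
int parse_curl_version_output(const char *out, struct build_info *bi)
{
    memset(bi, 0, sizeof *bi);
    if (sscanf(out, "curl %d.%d.%d", &bi->major, &bi->minor, &bi->patch) != 3)
        return 0;
    bi->wolfssl = line_has_token(out, "wolfSSL/", 1);
    const char *feat = strstr(out, "\nFeatures:");
    if (feat)
        bi->http3 = line_has_token(feat + 1, "HTTP3", 0);
    return 1;
}

/* Applies the curl range from the Affected table (8.6.0 only). A distribution
 * package that reports 8.6.0 but carries a backported fix is still flagged. */
enum exposure classify(const struct build_info *bi)
{
    int is_860 = bi->major == 8 && bi->minor == 6 && bi->patch == 0;
    return (is_860 && bi->wolfssl && bi->http3) ? CHECK_WOLFSSL_BUILD : NOT_AFFECTED;
}

enum exposure triage(const char *curl_v_output)
{
    struct build_info bi;
    return parse_curl_version_output(curl_v_output, &bi) ? classify(&bi) : UNKNOWN;
}

/* Constructed samples in the `curl -V` layout. */
const char sample_wolfssl_h3[] =
    "curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 wolfSSL/5.6.6 nghttp3/1.1.0 ngtcp2/1.2.0\n"
    "Release-Date: 2024-01-31\n"
    "Protocols: dict file ftp ftps http https\n"
    "Features: alt-svc AsynchDNS HTTP3 HTTPS-proxy IPv6 Largefile SSL\n";
const char sample_openssl[] =
    "curl 8.6.0 (x86_64-pc-linux-gnu) libcurl/8.6.0 OpenSSL/3.0.13 nghttp2/1.59.0\n"
    "Release-Date: 2024-01-31\n"
    "Features: alt-svc AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile SSL\n";
const char sample_wolfssl_870[] =
    "curl 8.7.0 (x86_64-pc-linux-gnu) libcurl/8.7.0 wolfSSL/5.6.6 nghttp3/1.1.0 ngtcp2/1.2.0\n"
    "Features: alt-svc AsynchDNS HTTP3 SSL\n";

int main(void)
{
    static const char *const names[] = { "wolfSSL+HTTP3 8.6.0", "OpenSSL 8.6.0", "wolfSSL 8.7.0" };
    const char *samples[] = { sample_wolfssl_h3, sample_openssl, sample_wolfssl_870 };
    for (int i = 0; i < 3; i++)
        printf("%-20s -> %s\n", names[i],
               triage(samples[i]) == CHECK_WOLFSSL_BUILD ? "check wolfSSL build" : "not affected");
    return 0;
}
```

A `CHECK_WOLFSSL_BUILD` result is a lead, not a verdict: the wolfSSL build options still have to be inspected, and per the advisory the recommended `configure --enable-curl` build of wolfSSL does not set OPENSSL_COMPATIBLE_DEFAULTS. Treat `UNKNOWN` as a finding to chase rather than as clean, and confirm any 8.6.0 package against the distribution changelog in case the fix was backported without a version bump.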
References:
- http://seclists.org/fulldisclosure/2024/Jul/18
- http://seclists.org/fulldisclosure/2024/Jul/19
- http://seclists.org/fulldisclosure/2024/Jul/20
- http://www.openwall.com/lists/oss-security/2024/03/27/2
- https://curl.se/docs/CVE-2024-2379.html
- https://curl.se/docs/CVE-2024-2379.json
- https://hackerone.com/reports/2410774
- https://security.netapp.com/advisory/ntap-20240531-0001/
- https://support.apple.com/kb/HT214118
- https://support.apple.com/kb/HT214119
- https://support.apple.com/kb/HT214120
Published: 2024-03-27