Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.
c89702b030cc64f8d3350e64da7330b42effa8bc29777a3d99e868602c7788e5==========================================================================
Ubuntu Security Notice USN-6363-1
September 13, 2023
curl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
Summary:
curl could be made to consume resources if it received specially crafted
network traffic.
Software Description:
- curl: HTTP, HTTPS, and FTP client and client libraries
Details:
It was discovered that curl incorrectly handled certain large headers. A
remote attacker could possibly use this issue to cause curl to consume
resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
curl 7.88.1-8ubuntu2.2
libcurl3-gnutls 7.88.1-8ubuntu2.2
libcurl3-nss 7.88.1-8ubuntu2.2
libcurl4 7.88.1-8ubuntu2.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6363-1
CVE-2023-38039
Package Information:
https://launchpad.net/ubuntu/+source/curl/7.88.1-8ubuntu2.2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed