You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called stat() followed by fopen() in a way that made it vulnerable to a TOCTOU race condition problem.
By exploiting this flaw, an attacker could trick the victim to create or overwrite protected files holding this data in ways it was not intended to.
INFO
The attacker needs permissions and rights enough to be able to create or rename directory entries in the directory the victim saves their files.
This race condition modifies the behavior of symbolic link files in affected components, they might be followed instead of being overwritten when the condition is met leading to undesired and potentially destructive behavior.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2023-32001 to this issue.
Name: curl
CVEs: CVE-2023-32001
CVSSs: 5.0
Action Needed: update to >= 8.2.0
Summary:
VULNERABILITY
libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called
stat()
followed byfopen()
in a way that made it vulnerable to a TOCTOU race condition problem.By exploiting this flaw, an attacker could trick the victim to create or overwrite protected files holding this data in ways it was not intended to.
INFO
The attacker needs permissions and rights enough to be able to create or rename directory entries in the directory the victim saves their files.
This race condition modifies the behavior of symbolic link files in affected components, they might be followed instead of being overwritten when the condition is met leading to undesired and potentially destructive behavior.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2023-32001 to this issue.
AFFECTED VERSIONS
See also https://seclists.org/oss-sec/2023/q3/41.
Gentoo: https://bugs.gentoo.org/910564
The text was updated successfully, but these errors were encountered: