CVE-2022-27781

NameCVE-2022-27781
Descriptionlibcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3085-1, DSA-5197-1, ELA-664-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
curl (PTS)jessie, jessie (lts)7.38.0-4+deb8u28fixed
stretch (security)7.52.1-5+deb9u16vulnerable
stretch (lts), stretch7.52.1-5+deb9u22fixed
buster, buster (lts)7.64.0-4+deb10u10fixed
buster (security)7.64.0-4+deb10u9fixed
bullseye7.74.0-1.3+deb11u13fixed
bullseye (security)7.74.0-1.3+deb11u14fixed
bookworm7.88.1-10+deb12u8fixed
bookworm (security)7.88.1-10+deb12u5fixed
sid, trixie8.11.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
curlsourcejessie7.38.0-4+deb8u23ELA-664-1
curlsourcestretch7.52.1-5+deb9u17ELA-664-1
curlsourcebuster7.64.0-4+deb10u3DLA-3085-1
curlsourcebullseye7.74.0-1.3+deb11u2DSA-5197-1
curlsource(unstable)7.83.1-1

Notes

https://www.openwall.com/lists/oss-security/2022/05/11/4
https://curl.se/docs/CVE-2022-27781.html
Introduced by: https://github.com/curl/curl/commit/f6c335d63f2da025a0a3efde1fe59e3bb7189b70 (curl-7_34_0)
Fixed by: https://github.com/curl/curl/commit/curl-7_83_1)

Search for package or bug name: Reporting problems