CURL-CVE-2018-16840

See a problem?
Please try reporting it to the source first.

Source

https://curl.se/docs/CVE-2018-16840.html

Import Source

https://curl.se/docs/CURL-CVE-2018-16840.json

JSON Data

https://api.osv.dev/v1/vulns/CURL-CVE-2018-16840

Aliases

CVE-2018-16840

Published

2018-10-31T08:00:00Z

Modified

2024-07-02T09:22:24Z

Summary

use after free in handle close

Details

libcurl contains a heap use after free flaw in code related to closing an easy handle.

When closing and cleaning up an "easy" handle in the Curl_close() function, the library code first frees a struct (without clearing the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.

References

Credits

- Brian Carpenter (Geeknik Labs) - FINDER
- Daniel Stenberg - REMEDIATION_DEVELOPER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type: SEMVER
Events: Introduced

7.59.0

Fixed

7.62.0

Type: GIT
Repo: https://github.com/curl/curl.git
Events: Introduced

b46cfbc068ebe90f18e9777b9e877e4934c1b5e3

Fixed

81d135d67155c5295b1033679c606165d4e28f3f

Affected versions

7.*

7.59.0

7.60.0

7.61.0

7.61.1