CURL-CVE-2022-35260

See a problem?
Please try reporting it to the source first.
Source
https://curl.se/docs/CVE-2022-35260.html
Import Source
https://curl.se/docs/CURL-CVE-2022-35260.json
JSON Data
https://api.osv.dev/v1/vulns/CURL-CVE-2022-35260
Aliases
Published
2022-10-26T08:00:00Z
Modified
2024-06-07T13:53:51Z
Summary
.netrc parser out-of-bounds access
Details

curl can be told to parse a .netrc file for credentials. If that file ends in a line with consecutive non-white space letters and no newline, curl could read past the end of the stack-based buffer, and if the read works, write a zero byte possibly beyond its boundary.

This does in most cases cause a segfault or similar, but circumstances might also cause different outcomes.

If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.

Database specific 
{
    "CWE": {
        "id": "CWE-121",
        "desc": "Stack-based Buffer Overflow"
    },
    "award": {
        "amount": "480",
        "currency": "USD"
    },
    "URL": "https://curl.se/docs/CVE-2022-35260.json",
    "package": "curl",
    "severity": "Low",
    "issue": "https://hackerone.com/reports/1721098",
    "www": "https://curl.se/docs/CVE-2022-35260.html",
    "last_affected": "7.85.0"
}
References
Credits
    • Hiroki Kurosawa - FINDER
    • Daniel Stenberg - REMEDIATION_DEVELOPER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type
SEMVER
Events
Introduced
7.84.0
Fixed
7.86.0
Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
eeaae10c0fb27aa066fdc296074edeacfdeb6522
Fixed
c97ec984fb2bc919a3aa863e0476dffa377b184c

Affected versions

7.*

7.84.0
7.85.0