UBUNTU-CVE-2021-22947

Source
https://ubuntu.com/security/CVE-2021-22947
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-22947.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-22947
Related
Published
2021-09-15T00:00:00Z
Modified
2021-09-15T00:00:00Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got before the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.

References

Affected packages

Ubuntu:Pro:14.04:LTS / curl

Package

Name
curl
Purl
pkg:deb/ubuntu/curl?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.35.0-1ubuntu2.20+esm8

Affected versions

7.*

7.32.0-1ubuntu1
7.33.0-1ubuntu1
7.34.0-1ubuntu1
7.35.0-1ubuntu1
7.35.0-1ubuntu2
7.35.0-1ubuntu2.1
7.35.0-1ubuntu2.2
7.35.0-1ubuntu2.3
7.35.0-1ubuntu2.5
7.35.0-1ubuntu2.6
7.35.0-1ubuntu2.7
7.35.0-1ubuntu2.8
7.35.0-1ubuntu2.9
7.35.0-1ubuntu2.10
7.35.0-1ubuntu2.11
7.35.0-1ubuntu2.12
7.35.0-1ubuntu2.13
7.35.0-1ubuntu2.14
7.35.0-1ubuntu2.15
7.35.0-1ubuntu2.16
7.35.0-1ubuntu2.17
7.35.0-1ubuntu2.19
7.35.0-1ubuntu2.20
7.35.0-1ubuntu2.20+esm3
7.35.0-1ubuntu2.20+esm4
7.35.0-1ubuntu2.20+esm5
7.35.0-1ubuntu2.20+esm6
7.35.0-1ubuntu2.20+esm7

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "curl"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "curl-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "curl-udeb"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "curl-udeb-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-dbg"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-gnutls"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-gnutls-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-nss"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-nss-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-udeb"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl3-udeb-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-doc"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-gnutls-dev"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-gnutls-dev-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-nss-dev"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-nss-dev-dbgsym"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-openssl-dev"
        },
        {
            "binary_version": "7.35.0-1ubuntu2.20+esm8",
            "binary_name": "libcurl4-openssl-dev-dbgsym"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / curl

Package

Name
curl
Purl
pkg:deb/ubuntu/curl?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.47.0-1ubuntu2.19+esm1

Affected versions

7.*

7.43.0-1ubuntu2
7.45.0-1ubuntu1
7.46.0-1ubuntu1
7.47.0-1ubuntu1
7.47.0-1ubuntu2
7.47.0-1ubuntu2.1
7.47.0-1ubuntu2.2
7.47.0-1ubuntu2.3
7.47.0-1ubuntu2.4
7.47.0-1ubuntu2.5
7.47.0-1ubuntu2.6
7.47.0-1ubuntu2.7
7.47.0-1ubuntu2.8
7.47.0-1ubuntu2.9
7.47.0-1ubuntu2.11
7.47.0-1ubuntu2.12
7.47.0-1ubuntu2.13
7.47.0-1ubuntu2.14
7.47.0-1ubuntu2.15
7.47.0-1ubuntu2.16
7.47.0-1ubuntu2.18
7.47.0-1ubuntu2.19

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "curl"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "curl-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-dbg"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-gnutls"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-gnutls-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-nss"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl3-nss-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-doc"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-gnutls-dev"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-gnutls-dev-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-nss-dev"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-nss-dev-dbgsym"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-openssl-dev"
        },
        {
            "binary_version": "7.47.0-1ubuntu2.19+esm1",
            "binary_name": "libcurl4-openssl-dev-dbgsym"
        }
    ]
}

Ubuntu:18.04:LTS / curl

Package

Name
curl
Purl
pkg:deb/ubuntu/curl?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.58.0-2ubuntu3.15

Affected versions

7.*

7.55.1-1ubuntu2
7.55.1-1ubuntu2.1
7.57.0-1ubuntu1
7.58.0-2ubuntu1
7.58.0-2ubuntu2
7.58.0-2ubuntu3
7.58.0-2ubuntu3.1
7.58.0-2ubuntu3.2
7.58.0-2ubuntu3.3
7.58.0-2ubuntu3.5
7.58.0-2ubuntu3.6
7.58.0-2ubuntu3.7
7.58.0-2ubuntu3.8
7.58.0-2ubuntu3.9
7.58.0-2ubuntu3.10
7.58.0-2ubuntu3.12
7.58.0-2ubuntu3.13
7.58.0-2ubuntu3.14

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "curl"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "curl-dbgsym"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl3-gnutls"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl3-gnutls-dbgsym"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl3-nss"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl3-nss-dbgsym"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4-dbgsym"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4-doc"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4-gnutls-dev"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4-nss-dev"
        },
        {
            "binary_version": "7.58.0-2ubuntu3.15",
            "binary_name": "libcurl4-openssl-dev"
        }
    ]
}

Ubuntu:20.04:LTS / curl

Package

Name
curl
Purl
pkg:deb/ubuntu/curl?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.68.0-1ubuntu2.7

Affected versions

7.*

7.65.3-1ubuntu3
7.65.3-1ubuntu4
7.66.0-1ubuntu1
7.67.0-2ubuntu1
7.68.0-1ubuntu1
7.68.0-1ubuntu2
7.68.0-1ubuntu2.1
7.68.0-1ubuntu2.2
7.68.0-1ubuntu2.4
7.68.0-1ubuntu2.5
7.68.0-1ubuntu2.6

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "curl"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "curl-dbgsym"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl3-gnutls"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl3-gnutls-dbgsym"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl3-nss"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl3-nss-dbgsym"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4-dbgsym"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4-doc"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4-gnutls-dev"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4-nss-dev"
        },
        {
            "binary_version": "7.68.0-1ubuntu2.7",
            "binary_name": "libcurl4-openssl-dev"
        }
    ]
}

Ubuntu:22.04:LTS / curl

Package

Name
curl
Purl
pkg:deb/ubuntu/curl?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.74.0-1.3ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "curl"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "curl-dbgsym"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl3-gnutls"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl3-gnutls-dbgsym"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl3-nss"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl3-nss-dbgsym"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4-dbgsym"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4-doc"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4-gnutls-dev"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4-nss-dev"
        },
        {
            "binary_version": "7.74.0-1.3ubuntu2",
            "binary_name": "libcurl4-openssl-dev"
        }
    ]
}