SB2019030508 - Heap out-of-bounds read in curl (Alpine package)
Published: March 5, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Heap out-of-bounds read (CVE-ID: CVE-2018-16890)
The vulnerability allows a remote attacker to gain access to potentially sensitive information or cause the service to crash.
The vulnerability exists due to a integer overflow in the function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly. A remote attacker on malicious or broken NTLM server can trick the victim into accepting a bad length + offset combination, trigger heap out-of-bounds read error and read contents of memory on the system or cause the service to crash..
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=f8e74ed5d486b34f474038f07979498dba33a6f1
- https://git.alpinelinux.org/aports/commit/?id=ac94a85a568f6fd5302de777d3614ed19d26ea07
- https://git.alpinelinux.org/aports/commit/?id=5ba18f0ca5e2e4f2371cf806a531c993d2b9689b
- https://git.alpinelinux.org/aports/commit/?id=d3a946561011a260c6b7a31fa0714a943e38cdfa
- https://git.alpinelinux.org/aports/commit/?id=f7cc724b9adaf1c7da74f14c8664294e44e73e99