Ubuntu update for curl
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 |
| CWE-ID | CWE-400 CWE-276 CWE-347 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system curl (Ubuntu package) Operating systems & Components / Operating system package or component libcurl4 (Ubuntu package) Operating systems & Components / Operating system package or component libcurl3-nss (Ubuntu package) Operating systems & Components / Operating system package or component libcurl3-gnutls (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Resource exhaustion
EUVDB-ID: #VU64681
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32205
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to curl does not impose limits to the size of cookies stored in the system. A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and consume all available disk space.
Update the affected package curl to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 22.04
curl (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl4 (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-nss (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-gnutls (Ubuntu package): before 7.81.0-1ubuntu1.3
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:21.10:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:
http://ubuntu.com/security/notices/USN-5495-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU64682
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32206
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure processing of compressed HTTP responses. A malicious server can send a specially crafted HTTP response to curl and perform a denial of service attack by forcing curl to spend enormous amounts of allocated heap memory, or trying to and returning out of memory errors.
MitigationUpdate the affected package curl to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 22.04
curl (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl4 (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-nss (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-gnutls (Ubuntu package): before 7.81.0-1ubuntu1.3
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:21.10:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:
http://ubuntu.com/security/notices/USN-5495-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect default permissions
EUVDB-ID: #VU64684
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32207
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to incorrect default permissions set to cookies, alt-svc and hsts data stored in local files. A local user with ability to read such files can gain access to potentially sensitive information.
Update the affected package curl to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 22.04
curl (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl4 (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-nss (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-gnutls (Ubuntu package): before 7.81.0-1ubuntu1.3
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:21.10:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:
http://ubuntu.com/security/notices/USN-5495-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU64685
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32208
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to improper handling of message verification failures when performing FTP transfers secured by krb5. A remote attacker can perform MitM attack and manipulate data.
Update the affected package curl to the latest version.
Vulnerable software versionsUbuntu: 18.04 - 22.04
curl (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl4 (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-nss (Ubuntu package): before 7.81.0-1ubuntu1.3
libcurl3-gnutls (Ubuntu package): before 7.81.0-1ubuntu1.3
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:21.10:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:
http://ubuntu.com/security/notices/USN-5495-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
