CERTINFO never-ending busy-loop
Project curl Security Advisory, May 11 2022
libcurl provides the CURLOPT_CERTINFO option, which lets an application ask for details about a TLS server's certificate chain to be returned to it.
Due to a bug in the code that collects those details, a malicious server can make a libcurl built with the NSS TLS backend spin in a never-ending busy-loop while trying to retrieve that information.
This feature is not accessible from the command line tool.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2022-27781 to this issue.
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
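The defect class named above (CWE-835) is easy to reproduce in any code that walks a certificate chain by repeatedly resolving "the issuer of the current certificate": if the only way out of the loop is "no issuer found", a server-controlled chain whose issuer references point back at each other keeps the walk going forever. The following is an added illustration, not libcurl's or NSS's code. It uses a hypothetical cert_t type and an in-memory issuer lookup, and shows the unbounded walk next to a walk whose iteration count is itself an exit condition, which is the shape of fix a loop like this needs.

```c
#include <stdio.h>
#include <string.h>

/* Toy certificate with only the fields the chain walk needs. Hypothetical
 * type for this example, not an NSS or libcurl structure. */
typedef struct {
    const char *subject;
    const char *issuer;
} cert_t;

/* Upper bound on the chain length the walker tolerates. Real chains are a
 * handful of certificates long, so anything longer is treated as an error. */
#define MAX_CHAIN 16

/* Resolve the issuer of `c` among the certificates the server presented.
 * A self-signed certificate (subject == issuer) ends the chain, and so does
 * an issuer that is not in the presented set. */
static const cert_t *find_issuer(const cert_t *chain, int n, const cert_t *c)
{
    if (strcmp(c->subject, c->issuer) == 0)
        return NULL;
    for (int i = 0; i < n; i++)
        if (strcmp(chain[i].subject, c->issuer) == 0)
            return &chain[i];
    return NULL;
}

/* The CWE-835 shape: the only exit is "no issuer found", which a cyclic
 * chain never reaches. Shown for contrast; never run it on untrusted input. */
static int count_chain_unbounded(const cert_t *chain, int n)
{
    int count = 0;
    for (const cert_t *c = chain; c != NULL; c = find_issuer(chain, n, c))
        count++;
    return count;
}

/* Hardened walk: the iteration count is an exit condition of its own.
 * Returns the chain length, or -1 once MAX_CHAIN is exceeded. */
static int count_chain_bounded(const cert_t *chain, int n)
{
    int count = 0;
    for (const cert_t *c = chain; c != NULL; c = find_issuer(chain, n, c)) {
        if (++count > MAX_CHAIN)
            return -1;
    }
    return count;
}

/* Constructed sample chains for the example, not real certificates. */
const cert_t benign_chain[] = {
    { "CN=leaf.example",          "CN=Example Intermediate" },
    { "CN=Example Intermediate",  "CN=Example Root" },
    { "CN=Example Root",          "CN=Example Root" },   /* self-signed root */
};
const int benign_len = 3;

/* Issuer references form a cycle: A claims to be issued by B and B by A. */
const cert_t looping_chain[] = {
    { "CN=leaf.example", "CN=A" },
    { "CN=A",            "CN=B" },
    { "CN=B",            "CN=A" },
};
const int looping_len = 3;

int main(void)
{
    printf("benign chain, unbounded walk: %d certs\n",
           count_chain_unbounded(benign_chain, benign_len));
    printf("benign chain, bounded walk:   %d certs\n",
           count_chain_bounded(benign_chain, benign_len));
    /* count_chain_unbounded(looping_chain, looping_len) would never return. */
    printf("looping chain, bounded walk:  %d (error, chain too long)\n",
           count_chain_bounded(looping_chain, looping_len));
    return 0;
}
```

A fixed iteration cap is the simplest guard and is enough to turn an infinite loop into an error; a walker that also tracks which certificates it has already visited can report the cycle itself, but the cap is what guarantees termination regardless of what the server sends.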
- Affected versions: curl 7.34.0 to and including 7.83.0
- Not affected versions: curl < 7.34.0 and curl >= 7.83.1
- Introduced-in: https://github.com/curl/curl/commit/f6c335d63f
libcurl is used by many applications, but not always advertised as such!
A - Upgrade curl to version 7.83.1
B - Apply the patch to your local version
C - Do not use the
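An application that cannot upgrade right away can decide at run time whether to set CURLOPT_CERTINFO at all, based on the libcurl it is actually linked against rather than the one it was compiled against. The following is an added example, not curl project code. It takes the two strings an application already gets from curl_version_info(CURLVERSION_NOW), the version and ssl_version fields (for example "7.79.1" and "NSS/3.67"), and is deliberately kept free of libcurl headers so it builds stand-alone; the function names version_num and certinfo_affected and the sample inputs are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Parse "7.79.1" (an optional suffix such as "-DEV" is ignored) into
 * libcurl's 0xXXYYZZ version-number layout. Returns -1 on malformed input. */
static long version_num(const char *v)
{
    unsigned major, minor, patch;
    if (v == NULL || sscanf(v, "%u.%u.%u", &major, &minor, &patch) != 3)
        return -1;
    if (major > 255 || minor > 255 || patch > 255)
        return -1;
    return (long)((major << 16) | (minor << 8) | patch);
}

/* Decide whether CURLOPT_CERTINFO is safe to enable on this libcurl.
 * `version` and `ssl_version` are the strings from
 * curl_version_info(CURLVERSION_NOW)->version and ->ssl_version.
 * Returns 1 if the build is in the affected window (7.34.0 to 7.83.0,
 * inclusive, per the advisory) and uses NSS, 0 otherwise, and -1 if the
 * version string cannot be parsed. NSS appearing anywhere in ssl_version
 * counts, which is deliberately conservative for multi-backend builds. */
static int certinfo_affected(const char *version, const char *ssl_version)
{
    long num = version_num(version);
    if (num < 0)
        return -1;
    if (ssl_version == NULL || strstr(ssl_version, "NSS/") == NULL)
        return 0;   /* only the NSS backend is affected */
    if (num >= version_num("7.34.0") && num <= version_num("7.83.0"))
        return 1;
    return 0;
}

int main(void)
{
    /* Constructed inputs for the example, not taken from a real host. */
    const char *samples[][2] = {
        { "7.79.1", "NSS/3.67" },       /* affected */
        { "7.83.1", "NSS/3.77" },       /* fixed release */
        { "7.81.0", "OpenSSL/3.0.2" },  /* other backend */
        { "7.29.0", "NSS/3.53.1" },     /* predates the bug */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int r = certinfo_affected(samples[i][0], samples[i][1]);
        printf("libcurl %s with %s: %s\n", samples[i][0], samples[i][1],
               r == 1 ? "leave CURLOPT_CERTINFO unset" :
               r == 0 ? "CURLOPT_CERTINFO is safe to set" :
                        "unparsable version");
    }
    return 0;
}
```

Two caveats when using a check like this: distribution packages often backport security fixes without changing the version number, so a "1" result means "possibly affected" and should be confirmed against the package changelog; and an application that bundles its own libcurl must check that copy, not the system curl that `curl --version` reports.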
This issue was reported to the curl project on April 30, 2022. We contacted distros@openwall on May 5.
libcurl 7.83.1 was released on May 11 2022, coordinated with the publication of this advisory.
- Reported-by: Florian Kohnhäuser
- Patched-by: Daniel Stenberg
Thanks a lot!