curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

[SECURITY ADVISORY] curl: schannel cipher selection surprise

From: Daniel Stenberg via curl-users <curl-users_at_cool.haxx.se>
Date: Wed, 26 May 2021 08:43:37 +0200 (CEST)

schannel cipher selection surprise
==================================

Project curl Security Advisory, May 26th 2021 -
[Permalink](https://curl.se/docs/CVE-2021-22897.html)

VULNERABILITY
-------------

libcurl lets applictions specify which specific TLS ciphers to use in
transfers, using the option called `CURLOPT_SSL_CIPHER_LIST`. The cipher
selection is used for the TLS negotation when a transfer is done involving any
of the TLS based transfer protocols libcurl supports, such as HTTPS, FTPS,
IMAPS, POP3S, SMTPS etc.

Due to a mistake in the code, the selected cipher set was stored in a single
"static" variable in the library, which has the surprising side-effect that if
an application sets up multiple concurrent transfers, the last one that sets
the ciphers will accidentally control the set used by all transfers. In a
worst-case scenario, this weakens transport security significantly.

We are not aware of any exploit of this flaw.

INFO
----
This flaw has existed in libcurl since commit
[9aefbff30d280c60fc](https://github.com/curl/curl/commit/9aefbff30d280c60fc)
in libcurl 7.61.0, released on July 11, 2018.
It can only trigger when Schannel is used, which is the native TLS library in
Microsoft Windows.
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2021-22897 to this issue.
CWE-488: Exposure of Data Element to Wrong Session
Severity: Low
AFFECTED VERSIONS
-----------------
This issue only exists when libcurl is built to use Schannel.
- Affected versions: libcurl 7.61.0 to and including 7.76.1
- Not affected versions: libcurl < 7.61.0 and libcurl >= 7.77.0
Also note that libcurl is used by many applications, and not always advertised
as such.
THE SOLUTION
------------
Store the cipher selection in data associated with the connection.
A [fix for CVE-2021-22897](https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511)
RECOMMENDATIONS
--------------
If you're using an Schannel based libcurl, We suggest you take one of the
following actions immediately, in order of preference:
  A - Upgrade libcurl to version 7.77.0
  B - Apply the patch to your local version
  C - Avoid using `CURLOPT_SSL_CIPHER_LIST`
TIMELINE
--------
This issue was reported to the curl project on April 23, 2021.
This advisory was posted on May 26, 2021.
CREDITS
-------
This issue was reported by Harry Sintonen. Patch by Daniel Stenberg.
Thanks a lot!
-- 
  / daniel.haxx.se
  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
  | https://www.wolfssl.com/contact/
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2021-05-26