Buffer overflow in curl (Alpine package)

1) Buffer overflow

EUVDB-ID: #VU33154

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7407

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.

Mitigation

Install update from vendor's website.

Vulnerable software versions

curl (Alpine package): 7.52.1-r0 - 7.52.1-r1

External links

http://git.alpinelinux.org/aports/commit/?id=e57c1f8b95e9a6aecc75e9eaae6c7bf9e259adb6
http://git.alpinelinux.org/aports/commit/?id=7079fe21530ae1c8147925d8b591131b786ab2e9
http://git.alpinelinux.org/aports/commit/?id=8e6f31c56dbe2966fb43113f9c7c1039bbef9865
http://git.alpinelinux.org/aports/commit/?id=619d9f8608068fab555a9a54e6154eb798eb5c2c
http://git.alpinelinux.org/aports/commit/?id=02d241912508f1cd6d33a41a8b8a0117385fdbbe
http://git.alpinelinux.org/aports/commit/?id=085ece4cfcbecb4f3ff3bbd6ea2696099f7ba414
http://git.alpinelinux.org/aports/commit/?id=39696e7a1a7079578ea07cb9514fd0c50105340e
http://git.alpinelinux.org/aports/commit/?id=4bd40a7ac5ab979704fdf2142af6cbbe2a9329a4

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.