SB2019020629 - Heap out-of-bounds read in curl (Alpine package)
Published: February 6, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Heap out-of-bounds read (CVE-ID: CVE-2019-3823)
The vulnerability allows a remote attacker to gain access to potentially sensitive information or cause the service to crash.
The vulnerability exists due to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. A remote attacker can trigger heap out-of-bounds read error and read contents of memory on the system or cause the service to crash..
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=5ba18f0ca5e2e4f2371cf806a531c993d2b9689b
- https://git.alpinelinux.org/aports/commit/?id=d3a946561011a260c6b7a31fa0714a943e38cdfa
- https://git.alpinelinux.org/aports/commit/?id=f7cc724b9adaf1c7da74f14c8664294e44e73e99
- https://git.alpinelinux.org/aports/commit/?id=9a196002b469339f47b2d93361aced8256aa4dce
- https://git.alpinelinux.org/aports/commit/?id=203cb413da1ecf416412c7b7d53213b1c2b22a09