Wind River Support Network


LIN10-4881 : Security Advisory - curl - CVE-2018-16839

Created: Oct 31, 2018    Updated: Dec 16, 2018
Resolved Date: Nov 8, 2018
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace


libcurl contains a buffer overrun in the SASL authentication code. The internal function Curl_auth_create_plain_message fails to correctly verify that the passed in lengths for name and password aren't too long, then calculates a buffer size to allocate. On systems with a 32 bit size_t, the math to calculate the buffer size triggers an integer overflow when the user name length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. 

Other Downloads


Live chat