vuln-list-alt/oval/c10f1/ALT-PU-2024-14880/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:202414880",
      "Version": "oval:org.altlinux.errata:def:202414880",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2024-14880: package `curl` update to version 8.10.0-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch c10f1"
            ],
            "Products": [
              "ALT SP Workstation",
              "ALT SP Server"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2024-14880",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-14880",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2024-05923",
            "RefURL": "https://bdu.fstec.ru/vul/2024-05923",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2024-06023",
            "RefURL": "https://bdu.fstec.ru/vul/2024-06023",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2024-06024",
            "RefURL": "https://bdu.fstec.ru/vul/2024-06024",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2024-07774",
            "RefURL": "https://bdu.fstec.ru/vul/2024-07774",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2024-6197",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2024-6874",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2024-7264",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2024-8096",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades curl to version 8.10.0-alt1. \nSecurity Fix(es):\n\n * BDU:2024-05923: Уязвимость функции GTime2str парсера ASN1 Parser библиотеки libcurl, позволяющая нарушителю вызвать октаз в обслуживании\n\n * BDU:2024-06023: Уязвимость функции utf8asn1str() парсера ASN1 утилиты командной строки cURL, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06024: Уязвимость функции curl_url_get() утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-07774: Уязвимость программного средства для взаимодействия с серверами curl, связанная c неправильной проверкой сертификата, позволяющая нарушителю оказывать влияние на целостность системы.\n\n * CVE-2024-6197: libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer.  Most modern malloc implementations detect this error and immediately abort. Some however accept the input pointer and add that memory to its list of available chunks. This leads to the overwriting of nearby stack memory. The content of the overwrite is decided by the `free()` implementation; likely to be memory pointers and a set of flags.  The most likely outcome of exploting this flaw is a crash, although it cannot be ruled out that more serious results can be had in special circumstances.\n\n * CVE-2024-6874: libcurl's URL API function\n[curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers punycode\nconversions, to and from IDN. Asking to convert a name that is exactly 256\nbytes, libcurl ends up reading outside of a stack based buffer when built to\nuse the *macidn* IDN backend. The conversion function then fills up the\nprovided buffer exactly - but does not null terminate the string.\n\nThis flaw can lead to stack contents accidently getting returned as part of\nthe converted string.\n\n * CVE-2024-7264: libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.\n\n * CVE-2024-8096: When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine.  If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.\n\n * #49883: curl --fail возвращает код ошибки 56 вместо 22",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "High",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2024-11-14"
          },
          "Updated": {
            "Date": "2024-11-14"
          },
          "BDUs": [
            {
              "ID": "BDU:2024-05923",
              "CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
              "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
              "CWE": "CWE-125",
              "Href": "https://bdu.fstec.ru/vul/2024-05923",
              "Impact": "Low",
              "Public": "20240731"
            },
            {
              "ID": "BDU:2024-06023",
              "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
              "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-590",
              "Href": "https://bdu.fstec.ru/vul/2024-06023",
              "Impact": "High",
              "Public": "20240619"
            },
            {
              "ID": "BDU:2024-06024",
              "CVSS": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
              "CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "CWE": "CWE-126",
              "Href": "https://bdu.fstec.ru/vul/2024-06024",
              "Impact": "Low",
              "Public": "20240417"
            },
            {
              "ID": "BDU:2024-07774",
              "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
              "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "CWE": "CWE-295",
              "Href": "https://bdu.fstec.ru/vul/2024-07774",
              "Impact": "Low",
              "Public": "20240911"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2024-6197",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "NVD-CWE-Other",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197",
              "Impact": "High",
              "Public": "20240724"
            },
            {
              "ID": "CVE-2024-6874",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "CWE": "CWE-125",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874",
              "Impact": "Low",
              "Public": "20240724"
            },
            {
              "ID": "CVE-2024-7264",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "CWE": "CWE-125",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
              "Impact": "Low",
              "Public": "20240731"
            },
            {
              "ID": "CVE-2024-8096",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096",
              "Impact": "None",
              "Public": "20240911"
            }
          ],
          "Bugzilla": [
            {
              "ID": "49883",
              "Href": "https://bugzilla.altlinux.org/49883",
              "Data": "curl --fail возвращает код ошибки 56 вместо 22"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:spworkstation:10",
              "cpe:/o:alt:spserver:10"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:5001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:202414880001",
                "Comment": "curl is earlier than 0:8.10.0-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:202414880002",
                "Comment": "libcurl is earlier than 0:8.10.0-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:202414880003",
                "Comment": "libcurl-devel is earlier than 0:8.10.0-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}