Curl is a command-line tool and library (libcurl) that a great many programs use to transfer data to and from servers over a wide range of protocols. It is the workhorse that lets other software on your system talk to the internet in a standard and efficient way.
A security vulnerability, tracked as CVE-2023-38545, was recently disclosed in curl. It lies in how curl handles unusually long hostnames during the SOCKS5 proxy handshake, the exchange used to set up a connection through a SOCKS5 proxy. When curl is asked to let the proxy resolve the hostname (a socks5h:// proxy URL, or the equivalent libcurl proxy type), it has to send that hostname to the proxy as part of the handshake.
The SOCKS5 protocol stores the hostname length in a single byte, so a name longer than 255 bytes cannot be passed to the proxy at all. Curl is meant to fall back to resolving such names locally, but when the handshake is slow that decision could be lost and the overlong name copied into a heap buffer too small to hold it. The result is a heap-based buffer overflow: data is written beyond the space allocated for it, corrupting adjacent memory, which in the worst case can be turned into execution of attacker-controlled code.
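To make the protocol limit concrete, here is an added example (not curl's own code) that builds the SOCKS5 CONNECT request of RFC 1928 with the "domain name" address type, the message in which the hostname is handed to the proxy. Because the length field is one byte, the builder refuses any hostname longer than 255 bytes and refuses to write past the caller's buffer instead of overflowing it; this is the decision curl has to make before copying the name. Function, constant and buffer names are this example's own, and the 300-byte hostname in main() is constructed for the demonstration.

```c
/*
 * Added example, not curl project code: encode a SOCKS5 CONNECT request
 * (RFC 1928, ATYP = domain name) with the bounds checks that the protocol's
 * one-byte length field demands. Names are this example's own.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SOCKS5_VERSION     0x05
#define SOCKS5_CMD_CONNECT 0x01
#define SOCKS5_ATYP_DOMAIN 0x03
#define SOCKS5_MAX_HOSTLEN 255   /* the length field is a single byte */

/*
 * Write the request "VER CMD RSV ATYP LEN host PORT" into out.
 * Returns the number of bytes written, or -1 if the hostname cannot be
 * encoded (empty or longer than 255 bytes) or the buffer is too small.
 * A caller that gets -1 for an overlong name must resolve it locally
 * instead of sending it to the proxy; it must never copy it anyway.
 */
int socks5_build_connect(const char *host, uint16_t port,
                         uint8_t *out, size_t outlen)
{
    size_t hostlen = strlen(host);
    if (hostlen == 0 || hostlen > SOCKS5_MAX_HOSTLEN)
        return -1;                       /* not representable in one byte */

    size_t need = 4 + 1 + hostlen + 2;   /* header, LEN, host, 2-byte port */
    if (outlen < need)
        return -1;                       /* refuse rather than overflow */

    out[0] = SOCKS5_VERSION;
    out[1] = SOCKS5_CMD_CONNECT;
    out[2] = 0x00;                       /* reserved */
    out[3] = SOCKS5_ATYP_DOMAIN;
    out[4] = (uint8_t)hostlen;
    memcpy(out + 5, host, hostlen);
    out[5 + hostlen] = (uint8_t)(port >> 8);   /* port, network byte order */
    out[6 + hostlen] = (uint8_t)(port & 0xff);
    return (int)need;
}

int main(void)
{
    uint8_t buf[512];

    int n = socks5_build_connect("example.com", 443, buf, sizeof buf);
    printf("example.com:443 -> %d-byte request\n", n);

    /* Constructed input: a 300-character hostname, beyond the SOCKS5 limit. */
    char longhost[301];
    memset(longhost, 'a', 300);
    longhost[300] = '\0';
    n = socks5_build_connect(longhost, 443, buf, sizeof buf);
    printf("300-byte hostname -> %d (rejected, must be resolved locally)\n", n);
    return 0;
}
```

The request for example.com is 18 bytes; the 300-byte name is rejected before any copy happens, which is exactly the path that the vulnerable curl versions could lose track of under a slow handshake.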
As a user, be aware that any software on your system that uses curl, whether the command-line tool or an application linked against libcurl, is a potential point of attack. The bug is only reachable when curl is sent through a SOCKS5 proxy with proxy-side name resolution and an attacker controls the hostname, for instance by redirecting curl to a URL with an overlong host; under those conditions it can be exploited for memory corruption and potentially code execution.
The curl project has released version 8.4.0, which fixes this overflow. Affected versions are libcurl 7.69.0 up to and including 8.3.0. On the feature side, curl 8.4.0 adds support for the IPFS protocols (ipfs:// and ipns:// URLs) via HTTP gateways, and drops support for the legacy MinGW.org toolchains. Upgrading to 8.4.0 or later patches the vulnerability and removes the associated risk.
This is why it is important that anyone using curl update to a fixed version. It is a matter of basic digital hygiene, like locking your front door when you leave: keeping software updated and patched against known vulnerabilities is the most reliable way to keep intruders out. Upgrading curl is strongly recommended.
Full details of the curl 8.4.0 changes are available at curl.se.
Debian, Fedora, Mageia, Slackware, and Ubuntu have released advisory updates addressing this issue. Note that distributions often backport the fix to the packaged version rather than shipping 8.4.0 itself, so the version number printed by curl --version is not on its own proof of exposure; check your distribution's advisory for the fixed package version. Given that this vulnerability can lead to arbitrary code execution and the compromise of critical systems and sensitive data if left unpatched, we urge all affected users to apply these updates as soon as possible.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).