CVE-2016-8618 CRITICAL

Published: 2018-07-31 | Last Modified: 2026-06-17 | Status: Modified

Description

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.

Additional Descriptions (1)

La función API de libcurl llamada "curl_maprintf()" en versiones anteriores a la 7.51.0 puede ser engañada para realizar una doble liberación (double free) debido a una multiplicación "size_t" insegura en sistemas que utilizan variables "size_t" de 32 bits.

CVSS Metrics

Base Score: 7.5 (HIGH)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	PARTIAL
Integrity Impact	PARTIAL
Availability Impact	PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 6.4

Weaknesses

Source	Type	Description
[email protected]	Secondary	en CWE-416
[email protected]	Primary	en CWE-415

Affected Products

Vendor	Product	Version	Update	Type
haxx	curl	*	<built-in method update of dict object at 0x72a9b0a7b040>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:haxx:curl::::::::`

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Source: [email protected]
http://www.securityfocus.com/bid/94098
Source: [email protected]

Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037192
Source: [email protected]

Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:2486
Source: [email protected]

Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3558
Source: [email protected]
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618
Source: [email protected]

Issue Tracking Patch Third Party Advisory
https://curl.haxx.se/docs/adv_20161102D.html
Source: [email protected]

Patch Vendor Advisory
https://security.gentoo.org/glsa/201701-47
Source: [email protected]

Third Party Advisory
https://www.tenable.com/security/tns-2016-21
Source: [email protected]

Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/94098
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037192
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:2486
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3558
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8618
Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking Patch Third Party Advisory
https://curl.haxx.se/docs/adv_20161102D.html
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory
https://security.gentoo.org/glsa/201701-47
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://www.tenable.com/security/tns-2016-21
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory