First published: Tue Jan 29 2019(Updated: )
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Haxx Libcurl | >=7.36.0<7.64.0 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Debian Debian Linux | =9.0 | |
NetApp Clustered Data ONTAP | ||
Siemens Sinema Remote Connect Client | <=2.0 | |
Oracle Communications Operations Monitor | =3.4 | |
Oracle Communications Operations Monitor | =4.0 | |
Oracle HTTP Server | =12.2.1.3.0 | |
Oracle Secure Global Desktop | =5.4 | |
Redhat Enterprise Linux | =8.0 | |
F5 Big-ip Access Policy Manager | >=13.1.0<=13.1.3 | |
F5 Big-ip Access Policy Manager | >=14.0.0<=14.1.2 | |
F5 Big-ip Access Policy Manager | >=15.0.0<=15.0.1 | |
redhat/curl | <7.64.0 | 7.64.0 |
F5 BIG-IP Access Policy Manager | >=13.1.0<=13.1.3 | |
F5 BIG-IP Access Policy Manager | >=14.0.0<=14.1.2 | |
F5 BIG-IP Access Policy Manager | >=15.0.0<=15.0.1 | |
ubuntu/curl | <7.58.0-2ubuntu3.6 | 7.58.0-2ubuntu3.6 |
ubuntu/curl | <7.61.0-1ubuntu2.3 | 7.61.0-1ubuntu2.3 |
ubuntu/curl | <7.64.0 | 7.64.0 |
ubuntu/curl | <7.47.0-1ubuntu2.12 | 7.47.0-1ubuntu2.12 |
debian/curl | 7.74.0-1.3+deb11u12 7.74.0-1.3+deb11u11 7.88.1-10+deb12u6 7.88.1-10+deb12u5 8.8.0-4 8.9.1-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-16890 is a vulnerability in libcurl versions from 7.36.0 to before 7.64.0 that allows for a heap buffer out-of-bounds read.
The severity of CVE-2018-16890 is high, with a severity value of 7.5.
CVE-2018-16890 can lead to a heap buffer out-of-bounds read in libcurl, potentially causing information leakage or denial of service.
Libcurl versions from 7.36.0 to before 7.64.0 are affected by CVE-2018-16890.
To fix the CVE-2018-16890 vulnerability in libcurl, update to version 7.64.0 or later.