CVE-2023-23916 — MEDIUM (6.5)

Q: How severe is CVE-2023-23916?

CVE-2023-23916 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-23916?

Check the references section above for vendor advisories and patch information. Affected products include: Haxx Curl, Fedoraproject Fedora, Debian Debian Linux, Netapp H300S Firmware, Netapp H300S.

Vulnerability Description

An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Haxx	Curl	>= 7.57.0, < 7.88.0
Fedoraproject	Fedora	36
Debian	Debian Linux	10.0
Netapp	H300S Firmware	-
Netapp	H300S	-
Netapp	H500S Firmware	-
Netapp	H500S	-
Netapp	H700S Firmware	-
Netapp	H700S	-
Netapp	H410S Firmware	-
Netapp	H410S	-
Netapp	Clustered Data Ontap	-
Splunk	Universal Forwarder	>= 8.2.0, < 8.2.12

Related Weaknesses (CWE)

CWE-770

References

https://hackerone.com/reports/1826048ExploitIssue Tracking
https://lists.debian.org/debian-lts-announce/2023/02/msg00035.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproMailing ListThird Party Advisory
https://security.gentoo.org/glsa/202310-12Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0006/Third Party Advisory
https://www.debian.org/security/2023/dsa-5365Third Party Advisory
https://hackerone.com/reports/1826048ExploitIssue Tracking
https://lists.debian.org/debian-lts-announce/2023/02/msg00035.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproMailing ListThird Party Advisory
https://security.gentoo.org/glsa/202310-12Third Party Advisory
https://security.netapp.com/advisory/ntap-20230309-0006/Third Party Advisory
https://www.debian.org/security/2023/dsa-5365Third Party Advisory

FAQ

What is CVE-2023-23916?

CVE-2023-23916 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multi...

How severe is CVE-2023-23916?

CVE-2023-23916 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-23916?

Check the references section above for vendor advisories and patch information. Affected products include: Haxx Curl, Fedoraproject Fedora, Debian Debian Linux, Netapp H300S Firmware, Netapp H300S.