Linux cURL library
Problem Description
A critical vulnerability in cURL provides attackers with the ability to set up a host system that foists an overlong host name on clients when connecting to SOCKS5 proxies.
This results in a buffer overflow that allows remote code execution on the client system.
All cURL versions between 7.69.0 and including 8.3.0 are affected. cURL for Windows and cURL for Python are not affected. Fortunately, there is another limitation. The vulnerability can only be exploited if the SOCKS5 connection is via a proxy.
Connected CVE
CVE-2023-38545 (NVD - CVE-2023-38545 (nist.gov))
Affected Products
The following table lists the products containing cURL and provide an evaluation, as well as measures and possible updates / service packs.
|
Product |
Evaluation |
Measures |
Update/Service Pack |
|
SIMPHERA Container Images |
No SOCKS5 data connections are used. The user does not have the possibility to set environment variables to configure usage of SOCKS5. Exploiting the vulnerability would be very difficult and unlikly. |
Not necessary |
SIMPHERA 23.7 |
|
SCALEXIO RTLib 23.2 RTLib1203 RTLib1403 |
Used for communication between CPUs. No SOCKS5 data connections are used. Exploiting the vulnerability would be very difficult and unlikly. |
Not necessary |
24.1 |
Measures
In order to avoid exploitation of the vulnerability as best as possible, the following steps can be taken:
- Do not use CURLPROXY_SOCKS5_HOSTNAME proxies with curl
- Do not set a proxy environment variable to socks5h://
We will update the information as soon as we have new insights.
| Date | 2023-10-19 |
| Information Type | Notifications |
| Information Category | Product Security, Troubleshooting |
Drive innovation forward. Always on the pulse of technology development.
Subscribe to our expert knowledge. Learn from our successful project examples. Keep up to date on simulation and validation. Subscribe to/manage dSPACE direct and aerospace & defense now.