OpenCVE

libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the *time fraction*, leading to a `strlen()` getting performed on a pointer to a heap buffer area that is not (purposely) null terminated. This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Haxx	Libcurl
Redhat	Service Mesh

Configuration 1 [-]

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat OpenShift Service Mesh 2.6 for RHEL 8
openshift-service-mesh/grafana-rhel8:2.6.2-3	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/istio-cni-rhel8:2.6.2-5	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/istio-must-gather-rhel8:2.6.2-4	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/istio-rhel8-operator:2.6.2-5	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/kiali-ossmc-rhel8:1.89.2-3	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/kiali-rhel8:1.89.4-3	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/kiali-rhel8-operator:1.89.6-1	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/pilot-rhel8:2.6.2-5	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
openshift-service-mesh/ratelimit-rhel8:2.6.2-3	cpe:/a:redhat:service_mesh:2.6::el8	RHSA-2024:7726	2024-10-07T00:00:00Z
Red Hat OpenShift Service Mesh 2.6 for RHEL 9
openshift-service-mesh/proxyv2-rhel9:2.6.2-7	cpe:/a:redhat:service_mesh:2.6::el9	RHSA-2024:7726	2024-10-07T00:00:00Z

References

Link	Providers
http://www.openwall.com/lists/oss-security/2024/07/31/1
https://curl.se/docs/CVE-2024-7264.html
https://curl.se/docs/CVE-2024-7264.json
https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519
https://hackerone.com/reports/2629968
https://nvd.nist.gov/vuln/detail/CVE-2024-7264
https://security.netapp.com/advisory/ntap-20240828-0008/
https://www.cve.org/CVERecord?id=CVE-2024-7264
https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519 https://security.netapp.com/advisory/ntap-20240828-0008/

Wed, 30 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
References	https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519 https://security.netapp.com/advisory/ntap-20240828-0008/
Metrics	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}`

Wed, 16 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
References		https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL

Tue, 08 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat service Mesh
CPEs		cpe:/a:redhat:service_mesh:2.6::el8 cpe:/a:redhat:service_mesh:2.6::el9
Vendors & Products		Redhat Redhat service Mesh

Wed, 28 Aug 2024 15:30:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20240828-0008/

Mon, 12 Aug 2024 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Haxx Haxx libcurl
CPEs		cpe:2.3:a:haxx:libcurl::::::::
Vendors & Products		Haxx Haxx libcurl
Metrics	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H'}`	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}`

Wed, 07 Aug 2024 03:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
References		https://nvd.nist.gov/vuln/detail/CVE-2024-7264 https://www.cve.org/CVERecord?id=CVE-2024-7264
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H'}` threat_severity `Low`

MITRE

Status: PUBLISHED

Assigner: curl

Published: 2024-07-31T08:08:14.585Z

Updated: 2024-10-30T19:41:40.489Z

Reserved: 2024-07-30T08:04:22.389Z

Link: CVE-2024-7264

Vulnrichment

Updated: 2024-08-28T15:02:52.325Z

NVD

Status : Modified

Published: 2024-07-31T08:15:02.657

Modified: 2024-11-21T09:51:10.360

Link: CVE-2024-7264

Redhat

Severity : Low

Publid Date: 2024-07-31T00:00:00Z

Links: CVE-2024-7264 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object