Security Bulletin: Multiple vulnerabilities in libcURL affect IBM Rational ClearCase.

Summary

libcURL vulnerabilities were disclosed by the libcURL Project. libcURL is used by IBM Rational ClearCase. [CVE-2023-38039, CVE-2023-38545]

Vulnerability Details

CVEID:CVE-2023-38039
**DESCRIPTION:**cURL libcurl is vulnerable to a denial of service, caused by not limiting the number and size of headers accept in a response. By sending a specially crafted request, a remote attacker could exploit this vulnerability to run out of heap memory, and results in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/265946 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-38545
**DESCRIPTION:**libcurl and cURL are vulnerable to a heap-based buffer overflow, caused by the improper handling of hostnames longer than 255 bytes during a slow SOCKS5 proxy handshake. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/268045 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Remediation/Fixes

Apply a fix pack as listed in the table below. The fix pack included libcURL 8.1.2 with CVE fixes.

Affected Versions

|

Applying the fix

—|—
9.1 through 9.1.0.5| Install Rational ClearCase Fix Pack 6 (9.1.0.6) for 9.1
10.0.1| Install Rational ClearCase Fix Pack 1 (10.0.1.1) for 10.0.1

For 9.0.2.X and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

_For 10.0.0.x releases, IBM recommends upgrading to 10.0.1.x release. _

Workarounds and Mitigations

None