Lucene search
UbuntuUSN-6718-2HistoryMar 27, 2024 - 12:00 a.m.
curl vulnerability
2024-03-2700:00:00
ubuntu.com
13
ubuntu
curl
vulnerability
http/https/ftp
denial of service
Releases
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- curl - HTTP, HTTPS, and FTP client and client libraries
Details
USN-6718-1 fixed a vulnerability in curl. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that curl incorrectly handled memory when limiting the
amount of headers when HTTP/2 server push is allowed. A remote attacker
could possibly use this issue to cause curl to consume resources, leading
to a denial of service. (CVE-2024-2398)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 18.04 | noarch | curl | < 7.58.0-2ubuntu3.24+esm4 | UNKNOWN |
| Ubuntu | 18.04 | noarch | curl | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | curl-dbgsym | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl3-gnutls | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl3-gnutls-dbgsym | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl3-nss | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl3-nss-dbgsym | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl4 | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl4-dbgsym | < 7.58.0-2ubuntu3.24 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libcurl4-doc | < 7.58.0-2ubuntu3.24 | UNKNOWN |
References
Related
cgr
cgr
CVE-2024-2398 vulnerabilities
2024-05-19 03:07:16
osv
osv
curl vulnerability
2024-03-27 14:59:43
CVE-2024-2398
2024-03-27 08:15:41
HTTP/2 push headers memory-leak
2024-03-27 08:00:00
f5
f5
K000140029: libcurl vulnerability CVE-2024-2398
2024-06-18 00:00:00
nessus
nessus
EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1808)
2024-06-25 00:00:00
RHEL 9 : curl (RHSA-2024:3998)
2024-06-20 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : curl vulnerability (USN-6718-2)
2024-03-27 00:00:00
wolfi
wolfi
CVE-2024-2398 vulnerabilities
2024-06-25 15:33:25
cvelist
cvelist
CVE-2024-2398 HTTP/2 push headers memory-leak
2024-03-27 07:55:48
veracode
veracode
Memory Leakage
2024-04-06 00:29:16
debiancve
debiancve
CVE-2024-2398
2024-03-27 08:15:41
cve
cve
CVE-2024-2398
2024-03-27 08:15:41
hackerone
hackerone
curl: CVE-2024-2398: HTTP/2 push headers memory-leak
2024-03-05 16:56:33
Internet Bug Bounty: CVE-2024-2398: HTTP/2 push headers memory-leak
2024-03-31 20:25:17
openvas
openvas
Ubuntu: Security Advisory (USN-6718-2)
2024-03-28 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1808)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1829)
2024-06-25 00:00:00
nvd
nvd
CVE-2024-2398
2024-03-27 08:15:41
alpinelinux
alpinelinux
CVE-2024-2398
2024-03-27 08:15:41
ibm
ibm
redhatcve
redhatcve
CVE-2024-2398
2024-03-27 09:27:15
ubuntucve
ubuntucve
CVE-2024-2398
2024-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39
2024-04-25 01:20:28
[SECURITY] Fedora 40 Update: curl-8.6.0-8.fc40
2024-04-19 21:41:45
ubuntu
ubuntu
curl vulnerabilities
2024-03-27 00:00:00
curl vulnerabilities
2024-04-29 00:00:00
amazon
amazon
Medium: curl
2024-04-24 22:15:00
cloudfoundry
cloudfoundry
USN-6718-1: curl vulnerabilities | Cloud Foundry
2024-05-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0233
2024-03-27 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0585
2024-03-27 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0743
2024-03-27 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2024-03-29 06:49:09
slackware
slackware
[slackware-security] curl
2024-03-27 19:16:33
redhat
redhat
hp
hp
HP ThinPro 8.0 SP 9 Security Updates
2024-06-17 00:00:00