Updated: 2024-03-27 21:20:38.982584
Description:
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | MEDIUM | 5.8 |
CVSS Version 3.x | CRITICAL | 9.1 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | curl | 7.76.1 | 9.1 | CRITICAL | Not Vulnerable | 2023-11-08 08:36:05 | |
CentOS 6 ELS | mysql | 5.1.73 | 9.1 | CRITICAL | Not Vulnerable | 2022-07-18 17:02:16 | |
CentOS 6 ELS | curl | 7.19.7 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:25 | |
CentOS 8.4 ELS | mysql | 8.0.26 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:39 | |
CentOS 8.5 ELS | mysql | 8.0.26 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:39 | |
CloudLinux 6 ELS | mysql | 5.1.73 | 9.1 | CRITICAL | Not Vulnerable | 2022-07-18 17:02:16 | |
CloudLinux 6 ELS | curl | 7.19.7 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:25 | |
Oracle Linux 6 ELS | mysql | 5.1.73 | 9.1 | CRITICAL | Not Vulnerable | 2022-07-18 17:02:16 | |
Oracle Linux 6 ELS | curl | 7.19.7 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:25 | |
Ubuntu 16.04 ELS | mysql-5.7 | 5.7.33-0 | 9.1 | CRITICAL | Not Vulnerable | 2022-04-15 12:59:39 |