Use After Free
CVE-2022-43552
Summary
A use-after-free vulnerability exists in curl prior to 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When denied a tunnel for the specific protocols "SMB" or "TELNET", curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.
- HIGH
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-416 - Use After Free
A use-after-free (UAF) vulnerability occurs when an application uses a pointer to memory that has already been freed. Any read or write to a buffer after it is de-allocated can corrupt memory, expose sensitive information, and potentially lead to arbitrary code execution.
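The pattern behind this class of bug is an ownership mix-up: one code path frees a heap block that another path still holds a pointer to. The following C program is an added illustration, not curl's code, modelled loosely on the situation in the summary: a connection owns a protocol-state block, a simulated proxy denies the tunnel for every protocol except HTTPS, and a shutdown routine touches the state afterwards. `connect_buggy` shows the dangerous shape (the handler frees state it does not own and leaves the pointer dangling; it is never executed here because the later use would be undefined behaviour), while `connect_fixed` only reports the failure and leaves the single free to `conn_close`. All names, the protocol list and the proxy policy are constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration, not curl's code: a connection that owns a
 * protocol-specific state block, and a proxy that may deny the tunnel. */
struct proto_state {
    char name[8];
    int bytes_sent;
};

struct connection {
    struct proto_state *proto;   /* owned by the connection */
    int tunnel_denied;
};

static struct connection *conn_open(const char *proto_name) {
    struct connection *c = calloc(1, sizeof *c);
    if (!c) return NULL;
    c->proto = calloc(1, sizeof *c->proto);
    if (!c->proto) { free(c); return NULL; }
    snprintf(c->proto->name, sizeof c->proto->name, "%s", proto_name);
    return c;
}

/* Simulated proxy policy (constructed): CONNECT allowed only for HTTPS. */
static int proxy_allows_tunnel(const char *proto_name) {
    return strcmp(proto_name, "https") == 0;
}

/* BUGGY pattern: on denial the protocol handler frees state it does not
 * own and leaves the connection's pointer dangling; the shutdown path
 * would then dereference freed memory. Not called anywhere below. */
static int connect_buggy(struct connection *c) {
    if (!proxy_allows_tunnel(c->proto->name)) {
        free(c->proto);          /* freed here ...               */
        return -1;               /* ... but c->proto still set   */
    }
    return 0;
}

/* FIXED pattern: the handler only reports failure. Ownership stays with
 * the connection, which frees exactly once in conn_close(). */
static int connect_fixed(struct connection *c) {
    if (!proxy_allows_tunnel(c->proto->name)) {
        c->tunnel_denied = 1;
        return -1;
    }
    return 0;
}

/* Shutdown path: reads protocol state to flush counters. Safe only while
 * the block is still allocated, which the fixed flow guarantees. */
static int conn_shutdown(struct connection *c) {
    if (!c->proto) return 0;                 /* defensive NULL check */
    return c->proto->bytes_sent;
}

static void conn_close(struct connection *c) {
    if (!c) return;
    free(c->proto);
    c->proto = NULL;                         /* never leave a dangling pointer */
    free(c);
}

/* Drives the fixed flow end to end. Returns 1 when a denied tunnel for
 * proto_name is handled with the state block still live at shutdown,
 * 0 when the tunnel was allowed (nothing to demonstrate) or setup failed. */
int denied_tunnel_is_safe(const char *proto_name) {
    struct connection *c = conn_open(proto_name);
    if (!c) return 0;
    int rc = connect_fixed(c);
    int flushed = conn_shutdown(c);          /* proto still owned and live */
    int denied = c->tunnel_denied;
    conn_close(c);
    (void)connect_buggy;                     /* kept for contrast only */
    return rc == -1 && denied == 1 && flushed == 0;
}

int main(void) {
    printf("smb via proxy: %s\n", denied_tunnel_is_safe("smb") ? "safe" : "UNSAFE");
    printf("telnet via proxy: %s\n", denied_tunnel_is_safe("telnet") ? "safe" : "UNSAFE");
    return 0;
}
```

The point to take from the two `connect_*` variants is that the fix is an ownership rule, not a NULL check: whichever object allocated the block is the only one that frees it, and every other path that fails merely returns an error. The NULL check in `conn_shutdown` is a second line of defence that only helps if the freeing code also clears the pointer, as `conn_close` does.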