CVE-2024-2398
high-risk
Published 2024-03-27
When an application tells libcurl it wants to allow HTTP/2 server push, and the number of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.
Do I need to act?
EPSS score: 2.0% chance of exploitation in the next 30 days (moderate exploit probability)
CISA KEV: not on the CISA KEV list; no confirmed active exploitation reported to CISA
Patch status: unknown. Check vendor advisories for fix availability and mitigation guidance
CVSS: 8.6/10 (High); attack vector NETWORK, attack complexity LOW
Affected Products (15)
Affected Vendors
References (26)
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/18
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/19
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/20
Vendor Advisory
https://curl.se/docs/CVE-2024-2398.html
Vendor Advisory
https://curl.se/docs/CVE-2024-2398.json
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproje...
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproje...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240503-0009/
Release Notes
https://support.apple.com/kb/HT214118
Release Notes
https://support.apple.com/kb/HT214119
Release Notes
https://support.apple.com/kb/HT214120
and 6 more references
Risk score: 52 / 100 (high-risk)
Severity: 29/34 · Critical
Exploitability: 5/34 · Minimal
Exposure: 18/34 · Moderate