CVE-2024-6874

Name
CVE-2024-6874
Description
libcurl's URL API function [curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the *macidn* IDN backend. The conversion function then fills up the provided buffer exactly - but does not null terminate the string. This flaw can lead to stack contents accidently getting returned as part of the converted string.
NVD Severity
low
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://curl.se/docs/CVE-2024-6874.json
https://curl.se/docs/CVE-2024-6874.html
https://hackerone.com/reports/2604391
http://www.openwall.com/lists/oss-security/2024/07/24/2

Match rules

CPE URI Source package Min version Max version
curl >= 0 <= 8.8.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
curl 3.17-main 8.9.0-r0 Natanael Copa <ncopa@alpinelinux.org> fixed