6070 – [Anolis OS 8] Bugfix for CVE-2022-32221

Bug 6070 - [Anolis OS 8] Bugfix for CVE-2022-32221

Summary: [Anolis OS 8] Bugfix for CVE-2022-32221

Status:	NEW

Alias:	None

Product:	Anolis OS 8
Classification:	Anolis OS
Component:	BaseOS Packages (show other bugs)	BaseOS Packages
Sub Component:
Version:	8.6
Hardware:	All Linux

Importance:	P3-Medium S3-normal
Target Milestone:	---
Assignee:	Jacob
QA Contact:	shuming

URL:
Whiteboard:
Keywords:	CVE

Depends on:
Blocks:

Reported:	2023-08-01 21:29 UTC by 小龙
Modified:	2023-08-01 21:29 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description 小龙 admin

2023-08-01 21:29:39 UTC

Description:
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

Broken commit info:

Bugfix commit info:
https://github.com/curl/curl/commit/a64e3e59938abd7d6
https://github.com/curl/curl/commit/a64e3e59938abd7d667e4470a18072a24d7e9de9