ALT-PU-2025-4264-1

BDU:2025-01585

HIGH7.3

Уязвимость функции gzip_do_write() библиотеки сжатия zlib утилиты командной строки cURL, позволяющая нарушителю обойти механизм защиты ASLR, выполнить произвольный код или вызвать отказ в обслуживании

Published: 2025-04-10Modified: 2025-09-22

CVSS 3.xHIGH 7.3

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2025-0725

BDU:2025-02320

CRITICAL9.8

Уязвимость файловым дескриптором eventfd библиотеки libcurl, позволяющая нарушителю выполнить произвольный код или раскрыть защищаемую информацию

Published: 2025-03-05Modified: 2026-03-18

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2025-0665

CVE-2025-0167

LOW3.4

When asked to use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

Published: 2025-02-05Modified: 2025-07-30

CVSS 3.xLOW 3.4

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

References

CVE-2025-0665

HIGH7.0

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.

Published: 2025-02-05Modified: 2026-03-17

CVSS 3.xHIGH 7.0

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

References

CVE-2025-0725

HIGH7.3

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

Published: 2025-02-05Modified: 2025-06-27

CVSS 3.xHIGH 7.3

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

Package update curl in branch p10_e2k

Closed issues (5)

Уязвимость файловым дескриптором eventfd библиотеки libcurl, позволяющая нарушителю выполнить произвольный код или раскрыть защищаемую информацию

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

Package update curl in branch p10_e2k

Closed issues (5)

Уязвимость файловым дескриптором eventfd библиотеки libcurl, позволяющая нарушителю выполнить произвольный код или раскрыть защищаемую информацию

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve.

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.