CVE-2024-7264

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-7264
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-7264.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-7264
Aliases
Downstream
Related
Published
2024-07-31T08:15:02Z
Modified
2025-11-05T14:20:07.376003Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

libcurl's ASN1 parser code has the GTime2str() function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen() getting performed on a pointer to a heap buffer area that is not (purposely) null terminated.

This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when CURLINFO_CERTINFO is used.

References

Affected packages

Git / github.com/curl/curl

Affected ranges

Type
GIT
Repo
https://github.com/curl/curl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
27959ecce75cdb2809c0bdb3286e60e08fadb519

Affected versions

Other

before_ftp_statemachine
before_urldata_rename
curl-6_5
curl-6_5_1
curl-6_5_2
curl-7_10
curl-7_10_1
curl-7_10_2
curl-7_10_3
curl-7_10_4
curl-7_10_5
curl-7_10_6
curl-7_10_7
curl-7_10_8
curl-7_11_0
curl-7_11_1
curl-7_11_2
curl-7_12_0
curl-7_12_1
curl-7_12_2
curl-7_12_3
curl-7_13_0
curl-7_13_1
curl-7_13_2
curl-7_14_0
curl-7_14_1
curl-7_15_0
curl-7_15_1
curl-7_15_2
curl-7_15_3
curl-7_15_4
curl-7_15_5
curl-7_15_6-prepipeline
curl-7_16_0
curl-7_16_1
curl-7_16_2
curl-7_16_3
curl-7_16_4
curl-7_17_0
curl-7_17_0-preldapfix
curl-7_17_1
curl-7_18_0
curl-7_18_1
curl-7_18_2
curl-7_19_0
curl-7_19_1
curl-7_19_2
curl-7_19_3
curl-7_19_4
curl-7_19_5
curl-7_19_6
curl-7_19_7
curl-7_1_1
curl-7_2
curl-7_20_0
curl-7_20_1
curl-7_21_0
curl-7_21_1
curl-7_21_2
curl-7_21_3
curl-7_21_4
curl-7_21_5
curl-7_21_6
curl-7_21_7
curl-7_22_0
curl-7_23_0
curl-7_23_1
curl-7_24_0
curl-7_25_0
curl-7_26_0
curl-7_27_0
curl-7_28_0
curl-7_28_1
curl-7_29_0
curl-7_3
curl-7_30_0
curl-7_31_0
curl-7_32_0
curl-7_33_0
curl-7_34_0
curl-7_35_0
curl-7_36_0
curl-7_37_0
curl-7_37_1
curl-7_38_0
curl-7_39_0
curl-7_40_0
curl-7_41_0
curl-7_42_0
curl-7_43_0
curl-7_44_0
curl-7_45_0
curl-7_46_0
curl-7_47_0
curl-7_47_1
curl-7_48_0
curl-7_49_0
curl-7_49_1
curl-7_4_1
curl-7_5
curl-7_50_0
curl-7_50_1
curl-7_50_2
curl-7_50_3
curl-7_51_0
curl-7_52_0
curl-7_52_1
curl-7_53_0
curl-7_53_1
curl-7_54_0
curl-7_54_1
curl-7_55_0
curl-7_55_1
curl-7_56_0
curl-7_56_1
curl-7_57_0
curl-7_58_0
curl-7_59_0
curl-7_5_2
curl-7_6
curl-7_6-pre4
curl-7_60_0
curl-7_61_0
curl-7_61_1
curl-7_62_0
curl-7_63_0
curl-7_64_0
curl-7_64_1
curl-7_65_0
curl-7_65_1
curl-7_65_2
curl-7_65_3
curl-7_66_0
curl-7_67_0
curl-7_68_0
curl-7_69_0
curl-7_69_1
curl-7_6_1
curl-7_6_1-pre1
curl-7_6_1-pre2
curl-7_6_1-pre3
curl-7_7
curl-7_7-beta1
curl-7_7-beta2
curl-7_7-beta3
curl-7_7-beta5
curl-7_70_0
curl-7_71_0
curl-7_71_1
curl-7_72_0
curl-7_73_0
curl-7_74_0
curl-7_75_0
curl-7_76_0
curl-7_76_1
curl-7_77_0
curl-7_78_0
curl-7_79_0
curl-7_79_1
curl-7_7_1
curl-7_7_2
curl-7_7_3
curl-7_7_alpha2
curl-7_8
curl-7_8-pre2
curl-7_80_0
curl-7_81_0
curl-7_82_0
curl-7_83_0
curl-7_83_1
curl-7_84_0
curl-7_85_0
curl-7_86_0
curl-7_87_0
curl-7_88_0
curl-7_88_1
curl-7_8_1
curl-7_8_1-pre3
curl-7_9
curl-7_9_1
curl-7_9_2
curl-7_9_3
curl-7_9_3-pre1
curl-7_9_3-pre2
curl-7_9_3-pre3
curl-7_9_4
curl-7_9_5
curl-7_9_5-pre2
curl-7_9_5-pre4
curl-7_9_6
curl-7_9_7
curl-7_9_7-pre2
curl-7_9_8
curl-8_0_0
curl-8_0_1
curl-8_1_0
curl-8_1_1
curl-8_1_2
curl-8_2_0
curl-8_2_1
curl-8_3_0
curl-8_4_0
curl-8_5_0
curl-8_6_0
curl-8_7_0
curl-8_7_1
curl-8_8_0
curl-8_9_0
curl_7_6-pre3

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "44391705612524364774368042722019714327",
            "length": 1104.0
        },
        "target": {
            "function": "GTime2str",
            "file": "lib/vtls/x509asn1.c"
        },
        "id": "CVE-2024-7264-357d5c8a"
    },
    {
        "source": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "95126134743640794896963096731829227697",
                "144779354657065835501752563488437428604",
                "317072365810900046882446524785076944464"
            ]
        },
        "target": {
            "file": "lib/vtls/x509asn1.h"
        },
        "id": "CVE-2024-7264-67821506"
    },
    {
        "source": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "225876056498704765845877006559546262300",
                "176423151054548165360750876540677858194",
                "289668165175774764560448522829877424639",
                "242644217041992152321989115265215972879",
                "268532454690515376590998156180152951206",
                "310272947232416495089203242947839935684",
                "301038965153660893262258651624092148049",
                "32862098234719251992637084107481093688",
                "220300149285119356296593497329560454543",
                "303852349410960188254824451623453671590",
                "9591007534432890142340230746602368870",
                "275271375232490080563785528446164228624",
                "17377905258464721812210095822744909001",
                "42362003463451388804118331388589612087",
                "32253411418572657241631111414545383706",
                "98035622866023045045478393730663191063",
                "296432699133742590980654626491505239460",
                "230280919300164717500587727305278940390",
                "25538375731885481183170371639755625079",
                "267395533405182516326850447821945556602",
                "213019383524148410116549292298220134339",
                "239491207639922602422962646100192763644",
                "262405149748443976684945419827080942246",
                "108788281347994535860029351021890880673",
                "313863988834971745022596417113198128543",
                "17971457333675315949877802435449047435"
            ]
        },
        "target": {
            "file": "lib/vtls/x509asn1.c"
        },
        "id": "CVE-2024-7264-d42afa67"
    }
]