CVE-2023-38545

Vulnerability updated 5 months ago (2024-05-04T18:29:57.865Z)
CVE-2023-38545 is a high-severity vulnerability in the cURL package, related to a flaw in software design or implementation. It was expected to be published simultaneously with the release of the cURL 8.4.0 package on October 11th. The Curl team disclosed the vulnerability, which could potentially enable remote code execution in applications that use affected versions of the Curl library. The disclosure followed initial reports, which were dismissed as "typical AI style hallucinations" that mixed and matched facts from old security issues to create a narrative with no connection to reality.

CVE-2023-38545 was one of two vulnerabilities addressed in the release of curl 8.4.0. The other, CVE-2023-38546, was a low-severity cookie injection flaw. These two vulnerabilities were fixed by the Curl team in response to monitoring by NSFOCUS, which highlighted the SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545) and the cookie injection vulnerability (CVE-2023-38546). The release of curl 8.4.0 served to alleviate concerns about the severity of these vulnerabilities that had been building for a week.

Check Point IPS and Harmony End Point provide protection against this threat. They cover the cURL libcurl Heap Buffer Overflow (CVE-2023-38545) and potential exploits targeting Linux systems (Exploit_Linux_CVE-2023-38545). With the release of curl 8.4.0, these vulnerabilities were effectively patched, ensuring the security of applications using the updated Curl library.
Description last updated: 2024-05-04T16:42:10.099Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Curl
Vulnerability
Remote Code ...
Source Document References
Information about the CVE-2023-38545 Vulnerability was read from the documents corpus below.