CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-7264: ASN.1 date parser overread

Description

libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an
ASN.1 Generalized Time field. If given an syntactically incorrect field, the
parser might end up using -1 for the length of the *time fraction*, leading to
a `strlen()` getting performed on a pointer to a heap buffer area that is not
(purposely) null terminated.

This flaw most likely leads to a crash, but can also lead to heap contents
getting returned to the application when
[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.

Classification

CVE ID: CVE-2024-7264

Affected Products

Vendor: curl

Product: curl

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 26.66% (scored less or equal to compared to others)

EPSS Date: 2025-03-14 (when was this score calculated)

References

https://curl.se/docs/CVE-2024-7264.json
https://curl.se/docs/CVE-2024-7264.html
https://hackerone.com/reports/2629968
http://www.openwall.com/lists/oss-security/2024/07/31/1

Timeline

2025-02-14 00:32:30 UTC
CVE

ASN.1 date parser overread
2025-03-06 09:45:39 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-7264