Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 05 Sep 2016 14:14:32 +0200
From: Kamil Dudka <>
        libcurl hacking <>,
Cc: Daniel Stenberg <>
Subject: Re: [SECURITY VULNERABILITY] curl: Re-using connections with wrong client cert

On Wednesday, August 03, 2016 09:05:26 Daniel Stenberg wrote:
> Re-using connections with wrong client cert
> ===========================================
> Project cURL Security Advisory, August 3rd 2016 -
> [Permalink](

After torture-testing the patch for CVE-2016-5420, it was discovered that 
libcurl built on top of NSS (Network Security Services) still incorrectly
re-uses client certificates if a certificate from file is used for one TLS
connection but no certificate is set for a subsequent TLS connection.

This problem was caused by an implementation detail of the NSS backend
in libcurl, which is orthogonal to the cause of CVE-2016-5420.  Users of 
libcurl/NSS that load client certificates from files are encouraged to
also apply the attached follow-up patch.

The original patch for CVE-2016-5420 has been amended to also contain the 
attached patch:

> -------------
> libcurl did not consider client certificates when reusing TLS connections.
> libcurl supports reuse of established connections for subsequent requests.
> It does this by keeping a few previous connections "alive" in a connection
> pool so that a subsequent request that can use one of them instead of
> creating a new connection will do so.
> When using a client certificate for a connection that was then put into the
> connection pool, that connection could then wrongly get reused in a
> subsequent request to that same server that either didn't use a client
> certificate at all or that asked to use a different client certificate thus
> trying to tell the user that it is a different entity.
> This mistakenly using the wrong connection could of course lead to
> applications sending requests to the wrong realms of the server using
> authentication that it wasn't supposed to have for those operations.
> We are not aware of any exploit of this flaw.
> ----
> This flaw also affects the curl command line tool.
> The Common Vulnerabilities and Exposures (CVE) project has assigned the name
> CVE-2016-5420 to this issue.
> -----------------
> This flaw is relevant for all versions of curl and libcurl that support
> SSL/TLS and client certificates.
> - Affected versions: libcurl 7.1 to and including 7.50.0
> - Not affected versions: libcurl >= 7.50.1
> libcurl is used by many applications, but not always advertised as such!
> ------------
> In version 7.50.1, curl will check that re-used connections have the correct
> client certificate (file name) before used.
> A [patch for CVE-2016-5420]( is
> available. This patch relies on the
> [CVE-2016-5419]( patch already
> having been applied.
> ---------------
> We suggest you take one of the following actions immediately, in order of
> preference:
>   A - Upgrade curl and libcurl to version 7.50.1
>   B - Apply the patch to your version and rebuild
>   C - Do not use client certificates
> ---------
> This was figured out by curl security team members during our work with the
> 20160803A flaw during June 2016. We contacted distros@...nwall on July 31.
> libcurl 7.50.1 was released on August 3 2016, coordinated with the
> publication of this advisory.
> -------
> Found by the curl security team. Patch by Daniel Stenberg.
> Thanks a lot!
View attachment "0001-nss-refuse-previously-loaded-certificate-from-file.patch" of type "text/x-patch" (1525 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ