Launchpad CVE tracker

CVE 2021-22945

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

Related bugs and status

CVE-2021-22945 (Candidate) is related to these bugs:

Bug #1994096: Debian CVE: CVE-2021-22945/CVE-2022-27781/CVE-2022-32207: curl: multiple CVEs

Summary				In	Importance	Status
	1994096	Debian CVE: CVE-2021-22945/CVE-2022-27781/CVE-2022-32207: curl: multiple CVEs		StarlingX	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://hackerone.com/...
FEDORA: FEDORA-2021-fc96a3a749
MISC: https://www.oracle.com...
CONFIRM: https://security.netap...
FEDORA: FEDORA-2021-1d24845e93
CONFIRM: https://cert-portal.si...
CONFIRM: https://support.apple....
FULLDISC: 20220314 APPLE-SA-2022...
DEBIAN: DSA-5197
GENTOO: GLSA-202212-01

Launchpad.net

CVE 2021-22945

Related bugs and status

Related bugs

References