SOCKS5 heap buffer overflow vulnerability in cURL

Published: October 11, 2023 Last Updated: October 12, 2023 01:06:05 PM

Description

Earlier today, the maintainers of cURL published information regarding a recently discovered vulnerability in form of a heap buffer overflow. cURL is a library/application with a very widespread usage and can be found in billions of devices and systems all over the world.

While we at ReadSpeaker also use cURL in different ways in our products, our initial investigations suggests that we are not adversely affected by this vulnerability. We will however promptly look into this deeper to rule out that there are any possible ways to exploit the vulnerability using our services.

Update 2023-10-12:

We have completed the investigation and have confirmed that this vulnerability is not exploitable in our services.

CVE ID

CVE-2023-38545

CVE classification

High

Impact on ReadSpeaker services

None

Remedial action

Completed

Further information

https://curl.se/docs/CVE-2023-38545.html