{
  "document": {
    "aggregate_severity": {
      "text": "Medium"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/cloudlinux7els/vex/2023/cve-2023-27538-els_os-cloudlinux7els.json"
      }
    ],
    "tracking": {
      "current_release_date": "2026-06-12T21:52:11Z",
      "generator": {
        "date": "2026-06-12T21:52:11Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CVE-2023-27538-ELS_OS-CLOUDLINUX7ELS",
      "initial_release_date": "2023-03-30T20:15:00Z",
      "revision_history": [
        {
          "date": "2023-03-30T20:15:00Z",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-12T21:52:11Z",
          "number": "2",
          "summary": "Official Publication"
        }
      ],
      "status": "final",
      "version": "2"
    },
    "title": "Security update on CVE-2023-27538"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CloudLinux 7",
                "product": {
                  "name": "CloudLinux 7",
                  "product_id": "CloudLinux-7",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:cloudlinux:cloudlinux:7:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "CloudLinux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                "product": {
                  "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_id": "libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl@7.29.0-59.0.3.el7_9.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64",
                "product": {
                  "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_id": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl-devel@7.29.0-59.0.3.el7_9.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                "product": {
                  "name": "curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_id": "curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/curl@7.29.0-59.0.3.el7_9.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
                "product": {
                  "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
                  "product_id": "libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl@7.29.0-59.0.3.el7_9.2?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
                "product": {
                  "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
                  "product_id": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl-devel@7.29.0-59.0.3.el7_9.2?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Cloud Linux Software, Inc."
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                "product": {
                  "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_id": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl@7.29.0-59.0.3.el7_9.2.tuxcare.els2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                "product": {
                  "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_id": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl-devel@7.29.0-59.0.3.el7_9.2.tuxcare.els2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                "product": {
                  "name": "curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_id": "curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/curl@7.29.0-59.0.3.el7_9.2.tuxcare.els2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                "product": {
                  "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                  "product_id": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl@7.29.0-59.0.3.el7_9.2.tuxcare.els2?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                "product": {
                  "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                  "product_id": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/cloudlinux/libcurl-devel@7.29.0-59.0.3.el7_9.2.tuxcare.els2?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "CloudLinux"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64"
        },
        "product_reference": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64"
        },
        "product_reference": "libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686"
        },
        "product_reference": "libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-0:7.29.0-59.0.3.el7_9.2.i686 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.i686"
        },
        "product_reference": "libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686"
        },
        "product_reference": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686"
        },
        "product_reference": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64"
        },
        "product_reference": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64"
        },
        "product_reference": "libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64"
        },
        "product_reference": "curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "curl-0:7.29.0-59.0.3.el7_9.2.x86_64 as a component of CloudLinux 7",
          "product_id": "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.x86_64"
        },
        "product_reference": "curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
        "relates_to_product_reference": "CloudLinux-7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-27538",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "description",
          "text": "An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection even though an SSH option that should have prevented reuse had been modified. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, so an existing connection could match too easily, potentially leading to the reuse of an inappropriate connection.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "known_affected": [
          "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
          "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
          "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
          "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
          "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
          "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
          "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
          "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
          "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
          "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2023-27538"
        },
        {
          "category": "external",
          "summary": "https://hackerone.com/reports/1898475",
          "url": "https://hackerone.com/reports/1898475"
        },
        {
          "category": "external",
          "summary": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html",
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"
        },
        {
          "category": "external",
          "summary": "https://security.gentoo.org/glsa/202310-12",
          "url": "https://security.gentoo.org/glsa/202310-12"
        },
        {
          "category": "external",
          "summary": "https://security.netapp.com/advisory/ntap-20230420-0010/",
          "url": "https://security.netapp.com/advisory/ntap-20230420-0010/"
        }
      ],
      "release_date": "2023-03-30T20:15:00Z",
      "remediations": [
        {
          "category": "no_fix_planned",
          "date": "2026-06-12T13:07:20.242552Z",
          "details": "CVE-2023-27538 is deprioritized and no fix is planned, so the listed packages remain known affected. It only affects libcurl’s SSH-based transfers (SCP/SFTP) and triggers solely when a single process reuses an existing SSH connection after changing either CURLOPT_SSH_PRIVATE_KEYFILE or CURLOPT_SSH_PUBLIC_KEYFILE; HTTPS and other non-SSH protocols are unaffected. Exploitation requires local ability to control libcurl options across successive transfers—there is no new remote attack surface—and results in an authentication/credential mix-up rather than code execution. The CVSS vector rates the confidentiality impact as HIGH, with no integrity or availability impact; given the uncommon precondition of mixing SSH identities within the same process, the practical risk to centrally managed server/VM workloads is low. Applications that do switch SSH key files between transfers in one process can avoid the condition by forcing a new connection for those transfers (for example with CURLOPT_FRESH_CONNECT).",
          "product_ids": [
            "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:curl-0:7.29.0-59.0.3.el7_9.2.x86_64",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.i686",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:libcurl-0:7.29.0-59.0.3.el7_9.2.x86_64",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.i686",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.i686",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.tuxcare.els2.x86_64",
            "CloudLinux-7:libcurl-devel-0:7.29.0-59.0.3.el7_9.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ]
    }
  ]
}