PublicDateAtUSN: 2018-03-14
Candidate: CVE-2018-1000121
CRD: 2018-03-14
PublicDate: 2018-03-14 18:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
 https://curl.haxx.se/docs/adv_2018-97a2.html
 https://ubuntu.com/security/notices/USN-3598-1
 https://ubuntu.com/security/notices/USN-3598-2
Description:
 A NULL pointer dereference exists in curl 7.21.0 to and including curl
 7.58.0 in the LDAP code that allows an attacker to cause a denial of
 service
Ubuntu-Description: 
Notes: 
 mdeslaur> introduced by https://github.com/curl/curl/commit/2e056353b00d09
Bugs: 
Priority: medium
Discovered-by: Dario Weisser
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_curl:
 upstream: https://github.com/curl/curl/commit/9889db043393092e9d4b5a42720bba0b3d58deba
upstream_curl: released (7.59.0)
precise/esm_curl: released (7.22.0-3ubuntu4.21)
trusty_curl: released (7.35.0-1ubuntu2.15)
trusty/esm_curl: released (7.35.0-1ubuntu2.15)
xenial_curl: released (7.47.0-1ubuntu2.7)
esm-infra/xenial_curl: released (7.47.0-1ubuntu2.7)
artful_curl: released (7.55.1-1ubuntu2.4)
bionic_curl: released (7.58.0-2ubuntu3)
devel_curl: released (7.58.0-2ubuntu3)