Oval Definition:	oval:com.ubuntu.xenial:def:2018168400000000
Revision Date: 2018-10-31 Version: 1 Title: CVE-2018-16840 on Ubuntu 16.04 LTS (xenial) - medium. Description: A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-16840 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT curl package in xenial, while related to the CVE in some way, is not affected. OR NOT libcurl3 package in xenial, while related to the CVE in some way, is not affected. OR NOT libcurl3-gnutls package in xenial, while related to the CVE in some way, is not affected. OR NOT libcurl3-nss package in xenial, while related to the CVE in some way, is not affected.
BACK