{"id":"CURL-CVE-2021-22890","summary":"TLS 1.3 session ticket proxy host mix-up","details":"Enabled by default, libcurl supports the use of TLS 1.3 session tickets to\nresume previous TLS sessions to speed up subsequent TLS handshakes.\n\nWhen using an HTTPS proxy and TLS 1.3, libcurl can confuse session tickets\narriving from the HTTPS proxy but work as if they arrived from the remote\nserver and then wrongly \"short-cut\" the host handshake. The reason for this\nconfusion is the modified sequence from TLS 1.2 when the session ids would be\nprovided only during the TLS handshake, while in TLS 1.3 it happens post\nhand-shake and the code was not updated to take that changed behavior into\naccount.\n\nWhen confusing the tickets, an HTTPS proxy can trick libcurl to use the wrong\nsession ticket resume for the host and thereby circumvent the server TLS\ncertificate check and make a MITM attack possible to perform unnoticed.\n\nThis flaw can allow a malicious HTTPS proxy to MITM the traffic. Such a\nmalicious HTTPS proxy needs to provide a certificate that curl accepts for the\nMITMed server for an attack to work - unless curl has been told to ignore the\nserver certificate check.","aliases":["CVE-2021-22890"],"modified":"2024-06-07T13:53:51Z","published":"2021-03-31T08:00:00Z","database_specific":{"CWE":{"id":"CWE-290","desc":"Authentication Bypass by Spoofing"},"last_affected":"7.75.0","package":"curl","URL":"https://curl.se/docs/CVE-2021-22890.json","www":"https://curl.se/docs/CVE-2021-22890.html","severity":"Low","affects":"both","issue":"https://hackerone.com/reports/1129529"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.63.0"},{"fixed":"7.76.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"549310e907e82e44c59548351d4c6ac4aaada114"},{"fixed":"b09c8ee15771c614c4bf3ddac893cdb12187c844"}]}],"versions":["7.75.0","7.74.0","7.73.0","7.72.0","7.71.1","7.71.0","7.70.0","7.69.1","7.69.0","7.68.0","7.67.0","7.66.0","7.65.3","7.65.2","7.65.1","7.65.0","7.64.1","7.64.0","7.63.0"],"database_specific":{"vanir_signatures":[
{"signature_type":"Function","id":"CURL-CVE-2021-22890-1de0a59c","signature_version":"v1","deprecated":false,"target":{"function":"ossl_init","file":"lib/vtls/openssl.c"},"digest":{"function_hash":"80884663806924463355113230249959573248","length":916},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-26515ad3","signature_version":"v1","deprecated":false,"target":{"function":"schannel_connect_step1","file":"lib/vtls/schannel.c"},"digest":{"function_hash":"5139200581572407689832933350333853679","length":14086},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-26520106","signature_version":"v1","deprecated":false,"target":{"function":"mesalink_connect_step1","file":"lib/vtls/mesalink.c"},"digest":{"function_hash":"289183786604339011210738353494027630468","length":5076},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-2b11af9d","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/openssl.c"},"digest":{"line_hashes":["336862766761884050769116587817295912056","297851505741043129063521220402607229180","328614204953432820739752912054245703814","11155270369736945281130705403512708313","265810100451231122542676701135681817879","205929934791292759173694489331202740514","130005939109978981705810034051176678074","247802730921077175533046497812762688225","289352291518053959106152824481167733187","6621775588854414742547271709892543253","219411867131551039853419118958207932931","4620339518264752730194782083653896029","195907131268044135622015181203430698233","172753200693146242267141585689554508606","67007874163717154059336673594240254632","166560870589218938048568785457940230601","283006304460402970076765740628106221383","263947941456404785882371842021986596532","205890143084002102133011266597118584792","79320559291548499350309183118973007470","285919966942250969944156882776868050918","209602668270031020582990676253372477309","17428929338135236715719300710795183443","313973454568289553342014041310579447746","294544813080860896394029298982097261110","53646144176723679661461759034349632218","295220195230965073555177294687484452358","276205772157923235129804727510266670319","206005753754129748029513149742679435774","263115745916382983360801603770342039389","329567549756815297904183647351731716803","313136005052498845159826498960112144492","207030032140940270196392569482197400507","237111573662373539150810607076613652830","300578009649016493468754225179517102825","251233578770041621976522388620131096078","313036687635984071871570201527104228354","253029238641266424960123916798835656629","301017612119832539258258664601022628795","23962009691912419874635712459948598435","65101538474635220529629968750792964940","237441696880455912014919231651310269144","94325003603737462345976949732783861832"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-2db50422","signature_version":"v1","deprecated":false,"target":{"function":"Curl_ssl_getsessionid","file":"lib/vtls/vtls.c"},"digest":{"function_hash":"273773718086387081672517218253030966863","length":1765},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-374283ce","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/sectransp.c"},"digest":{"line_hashes":["94806077645884548060356296987107393311","10309756939681767696479113036011857256","284962477473351812358256850907875610156","27145230871328219916908011849942321666","264289887821443988238926048732973447991","1494018070174834192384809129159698343","56473950453775189745254640432469587258","284495504252623812608368024147303529164","128967931758267577436775311696107071164","264800750892326469160560054504535730373","260236878120012432036962430259182642317","113061089884518445466830529177739034694","140113271631500951744152997984593605772","155776449572785891323867422754622153698","57347696963449830585357186002440837464","20727556016287663810408881081865839818","120431589425223616121369566049881578811","240443655738258383365150692049648863427","934764322153241323606428248901294909"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-39da7906","signature_version":"v1","deprecated":false,"target":{"function":"sectransp_connect_step1","file":"lib/vtls/sectransp.c"},"digest":{"function_hash":"195480434458998131836680177149753632510","length":15660},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-3c48b1d8","signature_version":"v1","deprecated":false,"target":{"function":"schannel_connect_step3","file":"lib/vtls/schannel.c"},"digest":{"function_hash":"144865884071843540727249051842521559293","length":3833},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-3e62efd8","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/mbedtls.c"},"digest":{"line_hashes":["37932985936585854417497470395747221252","287191147748029187849571221310677255183","197250966739074887161752463742401078619","169137895400406461309711661052989717302","278747447951589288548246499159251783904","318739512785308934130156772394115426099","47774508376400011252940241351892461314","2084630322519792639222923955251622231","177592947151748376316528643939395075657","104981547749617085342165234632777808088","294940662576928400801456463873230335775","260597147074647110831301819629759251698","335710745409227085863438584452677873891","52082007041627474181062333086615873096","37799751703719029871082580095440201451"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-42263dd2","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/schannel.c"},"digest":{"line_hashes":["178767553165638964839221207122137774796","272491340871670518151998728143965550891","107901934970741544009396790875593752281","217194281838355325872797047555395071528","14878312773212023743327997631287651061","327216610405849993121451937990182934434","332661952915560985015384196497864907657","30766822347222452244347912117374092829","151350169594671595819938192947282287315","145579880652926316132952532671062473865","316852695220276224570896470467083507343","77494677251940678821657007853599095097","124113057411681008228094188471501689746","2400542830540229961656930747382456028","295060371976656940152059506373800879182","132131308813560169756421625711278433535","45821809746057711595427229750198544607","169430944314539389920634402693600281549","113601308303748319520625108572984193088"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-422c48e9","signature_version":"v1","deprecated":false,"target":{"function":"ossl_new_session_cb","file":"lib/vtls/openssl.c"},"digest":{"function_hash":"308990709987683739662933893501194887458","length":921},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-45cd9dc9","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/vtls.c"},"digest":{"line_hashes":["268962970819924094110691161491957863816","205258130366830432407424670226347008643","195892027979958881804162385641858298136","198976998033725377393444014942292495345","256059411389376877407088676580560681480","305088672631858847360724749476847700009","52535100091841008717307588108464370964","227916282593726575771065171718883780359","227840231437837640280420463055721921348","64409863875499735535558115805233233493","98078335743745395122219373932166262023","302639403580318386646575105414852971901","196722779721628807347092390854125174387","39212040839488978586926835371164649","210971096874320897259853002740646672018","150716026310542410932576830671903012540","64418971108864587855930149252637972203","40858013799978284042569013875922119643","170730426052655033682893892660307245265","50025630586994856825148198177227755083","52535100091841008717307588108464370964","227916282593726575771065171718883780359","333542710183271162081549951062673907323","78085967125862214019567995518943543364","78874384092257446950356152726808333826","167813800407009536293128779470948170062"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-4637350b","signature_version":"v1","deprecated":false,"target":{"function":"bearssl_connect_step3","file":"lib/vtls/bearssl.c"},"digest":{"function_hash":"291995655788906975512766513248808450316","length":1373},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-51c276e7","signature_version":"v1","deprecated":false,"target":{"function":"wolfssl_connect_step3","file":"lib/vtls/wolfssl.c"},"digest":{"function_hash":"6127449131006183383292564831652302757","length":834},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-570e7885","signature_version":"v1","deprecated":false,"target":{"function":"Curl_ssl_addsessionid","file":"lib/vtls/vtls.c"},"digest":{"function_hash":"171358484790234737202903135384044384964","length":2091},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-5fe112f1","signature_version":"v1","deprecated":false,"target":{"function":"gtls_connect_step1","file":"lib/vtls/gtls.c"},"digest":{"function_hash":"176941675248206322130424446270766527784","length":8286},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-6b525a20","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/vtls.h"},"digest":{"line_hashes":["62362930007964672800051951659597470656","128492517162448780522896505497679538347","195892027979958881804162385641858298136","157957246349334757271664443503223851986","212161420088433513538636478340773552056","58143578620572766693585841981142237697","64418971108864587855930149252637972203","49395248967643113852698362427099908205"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-8059bae7","signature_version":"v1","deprecated":false,"target":{"function":"gtls_connect_step3","file":"lib/vtls/gtls.c"},"digest":{"function_hash":"251636660413821095853877843826680694054","length":10527},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-adb38d41","signature_version":"v1","deprecated":false,"target":{"function":"mbed_connect_step3","file":"lib/vtls/mbedtls.c"},"digest":{"function_hash":"169596441448966558744563116128501756962","length":1014},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-b279da61","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/mesalink.c"},"digest":{"line_hashes":["257091547068256645533251025968372636123","199598968298026094710858393990661165633","237441696880455912014919231651310269144","238138501240126757698671457963878120907","244561538040711958225097324730297355260","77735677815391823125170676532804589244","120980860515748343956621457630727501610","135522781075013639240418211194702472725","324536199244111399303003093032804685309","158019176260761905541735309381541030174","280541150140731869465519940527179804827","165820139194305913870133051543294769364","328203048585213544622903547363954863328","211705176733752141884926158426404476216","296923588728900978858740961700501183560","73724796446795864522177628388100790372","329789519029211599477668060238374212484","5682168722210681913865825773575692704"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-b91e8d42","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/wolfssl.c"},"digest":{"line_hashes":["257091547068256645533251025968372636123","199598968298026094710858393990661165633","305975120206186942044354979809484201357","24125197400487298044725282445728174467","12820204933263595408983791360032021985","70218941518905585996675380468072433443","87573501881005156796015919733221437457","280755341178989430502779366769189481793","14208651247972888649731911686390712644","294544813080860896394029298982097261110","146718513848752729812866230051346328411","143658575103886180749765293019881869122","318518420089108149635930730250834716872","296923588728900978858740961700501183560","73724796446795864522177628388100790372","329789519029211599477668060238374212484","320378417209615948541356923296431304552"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-b9f444f0","signature_version":"v1","deprecated":false,"target":{"function":"mesalink_connect_step3","file":"lib/vtls/mesalink.c"},"digest":{"function_hash":"147889718464087335282081349188703331599","length":844},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-bca5c4b2","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/gtls.c"},"digest":{"line_hashes":["179762783071256091365960214088830784518","252990963761753317857136106172522008978","164314980816883654486777258720930598575","212342420381344455306823325072848285601","17645554325269473170056550965104619846","3467212961533315680730317332549563457","88654581799858666037828758083275751073","167051427075528201530406113572794550721","209373483628350476846480053768715203973","192386842638600685337691095406914072849","85230467389655544941739295208306547826","251083998957469309771505669802094727634","185256911042148235613901029947293489181","243491213336976803667106177885224922152"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-c2e533e8","signature_version":"v1","deprecated":false,"target":{"function":"bearssl_connect_step1","file":"lib/vtls/bearssl.c"},"digest":{"function_hash":"163880928972476756723732308675377839012","length":3243},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-c4799ecd","signature_version":"v1","deprecated":false,"target":{"function":"mbed_connect_step1","file":"lib/vtls/mbedtls.c"},"digest":{"function_hash":"276475302268482871644127498029476582796","length":7243},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-e183e7af","signature_version":"v1","deprecated":false,"target":{"function":"ossl_connect_step1","file":"lib/vtls/openssl.c"},"digest":{"function_hash":"226927428522655040985649957869931781269","length":15725},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Line","id":"CURL-CVE-2021-22890-e35dc3d7","signature_version":"v1","deprecated":false,"target":{"file":"lib/vtls/bearssl.c"},"digest":{"line_hashes":["153150795396112561087559478049166698996","136351155573872060130239068884361884783","73399416979894975066049447037575183353","306485148453785096157827042814522198300","169903817817211969247950063845035785188","26636479870251327475484694260007367818","299794669769811602882183600780967867168","186667892868309991073275615113359786424","214418065083184592301954990834964192045","139425798331644137606415527615331566077","174059560534331777803416514203867159813","338425595069167505886682548896829795248"],"threshold":0.9},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"},
{"signature_type":"Function","id":"CURL-CVE-2021-22890-f48e8c11","signature_version":"v1","deprecated":false,"target":{"function":"wolfssl_connect_step1","file":"lib/vtls/wolfssl.c"},"digest":{"function_hash":"246216009118561451855566779856158351947","length":8020},"source":"https://github.com/curl/curl.git/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844"}
],"source":"https://curl.se/docs/CURL-CVE-2021-22890.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mingtao Yang (Facebook)","type":"FINDER"},{"name":"Daniel Stenberg","type":"REMEDIATION_DEVELOPER"}]}