{"id":"CURL-CVE-2016-9594","summary":"uninitialized random","details":"libcurl's (new) internal function that returns a good 32-bit random value was\nimplemented poorly and overwrote the pointer instead of writing the value into\nthe buffer the pointer pointed to.\n\nThis random value is used to generate nonces for Digest and NTLM\nauthentication, for generating boundary strings in HTTP formposts and\nmore. Having a weak or virtually non-existent random there makes these\noperations vulnerable.\n\nThis function is brand new in 7.52.0 and is the result of an overhaul to make\nsure libcurl uses strong random as much as possible - provided by the backend\nTLS crypto libraries when present.","aliases":["CVE-2016-9594"],"modified":"2025-11-12T00:50:45Z","published":"2016-12-23T08:00:00Z","database_specific":{"CWE":{"desc":"Use of Insufficiently Random Values","id":"CWE-330"},"affects":"both","last_affected":"7.52.0","www":"https://curl.se/docs/CVE-2016-9594.html","severity":"High","URL":"https://curl.se/docs/CVE-2016-9594.json","package":"curl"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.52.0"},{"fixed":"7.52.1"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"f682156a4fc6c43fb38db4abda49b9a1bc1ed368"},{"fixed":"f81b2277a8e7e9ce8809ccd30c25b8aa72101215"}]}],"versions":["7.52.0"],"database_specific":{"source":"https://curl.se/docs/CURL-CVE-2016-9594.json","vanir_signatures":[{"target":{"function":"randit","file":"lib/rand.c"},"source":"https://github.com/curl/curl.git/commit/f81b2277a8e7e9ce8809ccd30c25b8aa72101215","digest":{"length":1230,"function_hash":"206719334076114908897635094238920230244"},"deprecated":false,"id":"CURL-CVE-2016-9594-7c16b61b","signature_version":"v1","signature_type":"Function"},{"target":{"file":"lib/rand.c"},"source":"https://github.com/curl/curl.git/commit/f81b2277a8e7e9ce8809ccd30c25b8aa72101215","digest":{"line_hashes":["77154240506471223058694980721268944782","225800919729663311578040047587376635383","157317735576601701763703432388618243002","103722156573570438682155569941165872211"],"threshold":0.9},"deprecated":false,"id":"CURL-CVE-2016-9594-f0a0b628","signature_version":"v1","signature_type":"Line"}]}}],"schema_version":"1.7.3","credits":[{"name":"Kamil Dudka","type":"FINDER"},{"name":"Kamil Dudka","type":"REMEDIATION_DEVELOPER"}]}