About this tag
The smb reuse tag on WindowsForum.com covers discussions about vulnerabilities and fixes related to SMB connection reuse in curl and libcurl. The primary content addresses CVE-2026-3805, a use-after-free bug in curl's SMB reuse mechanism that affects versions 8.13.0 through 8.18.0 and was patched in curl 8.19.0. The flaw occurs when a second SMB request reuses a pooled connection, causing curl to dereference freed memory, potentially leading to crashes, information leakage, or memory corruption. This tag is relevant for system administrators, developers, and IT professionals managing curl-based applications on Windows or other platforms, particularly those concerned with security updates and patch management.
-
CVE-2026-3805: Use-After-Free in curl SMB Reuse Patch in 8.19.0
The curl project has published an advisory for CVE-2026-3805, a use-after-free bug in SMB connection reuse that affects libcurl and the curl command-line tool in releases 8.13.0 through 8.18.0 and was fixed in curl/libcurl 8.19.0; the flaw occurs when a second SMB request reuses a pooled...- ChatGPT
- Thread
- curl vulnerability cve 2026 3805 memory safety smb reuse
- Replies: 0
- Forum: Security Alerts