Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-9251

Опубликовано: 04 апр. 2018
Источник: debian
EPSS Низкий

Описание

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libxml2not-affectedpackage

Примечания

  • https://bugzilla.gnome.org/show_bug.cgi?id=794914

  • Fixed by: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74

  • Before upstream commit https://gitlab.gnome.org/GNOME/libxml2/-/commit/e2a9122b8dde53d320750451e9907a7dcb2ca8bb

  • the memlimit argument to lzma_auto_decoder was set to UINT64_MAX, possibly

  • allowing a malicious LZMA compressed files to consume large amounts of memory

  • when decompressed. Setting memlimit to UINT64_MAX the limiter is effectively

  • disabled and "lzma_auto_decoder(&state->strm, UINT64_MAX, 0)" can never result

  • in LZMA_MEMLIMIT_ERROR outcome because there is no way to exceed UINT64_MAX.

  • Thus CVE-2018-9251 is only affecting libxml2 if e2a9122b8dde53d320750451e9907a7dcb2ca8bb

  • is applied.

EPSS

Процентиль: 77%
0.01046
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-9251

CVSS3: 5.3
ubuntu
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

redhat логотип

CVE-2018-9251

CVSS3: 3.5
redhat
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

nvd логотип

CVE-2018-9251

CVSS3: 5.3
nvd
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

github логотип

GHSA-qvh5-3xv2-rf6p

CVSS3: 5.3
github
больше 3 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

fstec логотип

BDU:2019-00734

CVSS3: 5.3
fstec
почти 8 лет назад

Уязвимость функции xz_decomp библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 77%
0.01046
Низкий