Описание
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
Отчет
This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5, 6, and 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | libxml2 | Not affected | ||
| Red Hat Enterprise Linux 6 | libxml2 | Not affected | ||
| Red Hat Enterprise Linux 7 | libxml2 | Not affected | ||
| Red Hat JBoss Core Services | libxml2 | Not affected | ||
| Red Hat JBoss Web Server 3 | libxml2 | Not affected | ||
| Red Hat Enterprise Linux 8 | libxml2 | Fixed | RHSA-2020:1827 | 28.04.2020 |
| Red Hat Enterprise Linux 8 | libxml2 | Fixed | RHSA-2020:1827 | 28.04.2020 |
Показывать по
Дополнительная информация
Статус:
3.5 Low
CVSS3
Связанные уязвимости
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
Уязвимость функции xz_decomp библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
3.5 Low
CVSS3