Описание
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation.
Отчет
This flaw is only triggered when parsing a multi-gigabyte XML document with the XML_PARSE_HUGE option enabled, and the most likely impact of this flaw is a Denial of Service in the application linked to the library. To reflect these conditions, Red Hat Product Security has rated this flaw as having a moderate security impact.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libxml2 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libxml2 | Out of support scope | ||
| Red Hat Enterprise Linux 8 | libxml2 | Fixed | RHSA-2023:0173 | 16.01.2023 |
| Red Hat Enterprise Linux 8 | libxml2 | Fixed | RHSA-2023:0173 | 16.01.2023 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | libxml2 | Fixed | RHSA-2024:0413 | 25.01.2024 |
| Red Hat Enterprise Linux 9 | libxml2 | Fixed | RHSA-2023:0338 | 23.01.2023 |
| Red Hat Enterprise Linux 9 | libxml2 | Fixed | RHSA-2023:0338 | 23.01.2023 |
| Text-Only JBCS | libxml2 | Fixed | RHSA-2022:8841 | 08.12.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
An issue was discovered in libxml2 before 2.10.3. When parsing a multi ...
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
EPSS
7.5 High
CVSS3