openSUSE-SU-2022:0178-1

Published: 25 Jan 2022
Source: suse-cvrf

Description

Security update for expat

This update for expat fixes the following issues:

  • CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251).
  • CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362).
  • CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474).
  • CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476).
  • CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477).
  • CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478).
  • CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479).
  • CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480).

Package list

openSUSE Leap 15.3
expat-2.2.5-3.9.1
libexpat-devel-2.2.5-3.9.1
libexpat-devel-32bit-2.2.5-3.9.1
libexpat1-2.2.5-3.9.1
libexpat1-32bit-2.2.5-3.9.1

Description

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1

Description

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Affected products
openSUSE Leap 15.3:expat-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat-devel-32bit-2.2.5-3.9.1
openSUSE Leap 15.3:libexpat1-2.2.5-3.9.1
