Errata ALT-PU-2022-3377-1: Information
Fixes
Published: Feb. 19, 2022
BDU:2022-01453
Уязвимость файла valid.c библиотеки анализа XML-документов libxml2, связанная с использованием памяти после освобождения, позволяющая нарушителю выполнить произвольный код
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 8, 2022
BDU:2022-03033
Уязвимость компонентов buf.c и tree.c библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Aug. 31, 2022
BDU:2022-06700
Уязвимость функции очистки объекта XML библиотеки анализа XML-документов libxml2, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (8.2) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Links:
Published: June 22, 2022
BDU:2022-06701
Уязвимость функции xmlParseNameComplex() библиотеки анализа XML-документов libxml2, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: HIGH (8.2) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Feb. 26, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
- https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
- https://security.netapp.com/advisory/ntap-20220331-0008/
- [debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update
- https://support.apple.com/kb/HT213253
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213258
- https://support.apple.com/kb/HT213254
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5
- 20220516 APPLE-SA-2022-05-16-6 tvOS 15.5
- 20220516 APPLE-SA-2022-05-16-5 watchOS 8.6
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- https://www.oracle.com/security-alerts/cpujul2022.html
- GLSA-202210-03
- FEDORA-2022-050c712ed7
Published: May 3, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-29824
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
- https://gitlab.gnome.org/GNOME/libxslt/-/tags
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
- [debian-lts-announce] 20220516 [SECURITY] [DLA 3012-1] libxml2 security update
- DSA-5142
- http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
- https://security.netapp.com/advisory/ntap-20220715-0006/
- https://www.oracle.com/security-alerts/cpujul2022.html
- GLSA-202210-03
- http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html
- FEDORA-2022-9136d646e4
- FEDORA-2022-be6d83642a
- FEDORA-2022-f624aad735
Published: Nov. 23, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-40303
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- 20221220 APPLE-SA-2022-12-13-7 tvOS 16.2
- 20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2
- 20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2
- 20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2
- 20221220 APPLE-SA-2022-12-13-8 watchOS 9.2
Published: Nov. 23, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-40304
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
- https://gitlab.gnome.org/GNOME/libxml2/-/tags
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- 20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2
- 20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2
- 20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2
- 20221220 APPLE-SA-2022-12-13-7 tvOS 16.2
- 20221220 APPLE-SA-2022-12-13-8 watchOS 9.2