Updated libxml2 packages fix security vulnerability
Publication date: 06 May 2023Modification date: 06 May 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-2309 , CVE-2023-28484 , CVE-2023-29469
Description
NULL Pointer Dereference allows attackers to cause a denial of service (or
application crash). This only applies when lxml is used together with
libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected.
It allows triggering crashes through forged input data, given a vulnerable
code sequence in the application. The vulnerability is caused by the
iterwalk function (also used by the canonicalize function). Such code
shouldn't be in wide-spread use, given that parsing + iterwalk would
usually be replaced with the more efficient iterparse function. However,
an XML converter that serialises to C14N would also be vulnerable, for
example, and there are legitimate use cases for this code sequence. If
untrusted input is received (also remotely) and processed via iterwalk
function, a crash can be triggered. (CVE-2022-2309)
NULL dereference in xmlSchemaFixupComplexType. (CVE-2023-28484)
Hashing of empty dict strings isn't deterministic. (CVE-2023-29469)
References
- https://bugs.mageia.org/show_bug.cgi?id=31810
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O2AHHHTXMCLOVEDOB7VUJWRWH5RXZTEG/
- https://ubuntu.com/security/notices/USN-5760-1
- https://bugs.mageia.org/show_bug.cgi?id=31231
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469
SRPMS
8/core
- libxml2-2.9.10-7.7.mga8