CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

History

18 May 2022, 11:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/ -

17 May 2022, 01:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html -

14 May 2022, 03:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/ -

10 May 2022, 14:53

Type Values Removed Values Added
CPE cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab - Patch, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 - Release Notes, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxslt/-/tags - (MISC) https://gitlab.gnome.org/GNOME/libxslt/-/tags - Product, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ - Mailing List, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd - Patch, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 6.5
CWE CWE-190
First Time Xmlsoft libxml2
Fedoraproject fedora
Xmlsoft libxslt
Xmlsoft
Fedoraproject

07 May 2022, 10:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ -

03 May 2022, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-03 03:15

Updated : 2022-05-18 11:15


NVD link : CVE-2022-29824

Mitre link : CVE-2022-29824


JSON object : View

Products Affected

xmlsoft

  • libxml2
  • libxslt

fedoraproject

  • fedora
CWE
CWE-190

Integer Overflow or Wraparound