CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:46

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/', 'name': 'FEDORA-2022-f624aad735', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/', 'name': 'FEDORA-2022-9136d646e4', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/', 'name': 'FEDORA-2022-be6d83642a', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/ -

11 Jan 2023, 17:33

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
First Time Netapp h700s
Netapp h500s
Netapp h700s Firmware
Netapp h410c Firmware
Netapp solidfire \& Hci Management Node
Netapp h410s
Netapp h300s Firmware
Netapp h500s Firmware
Netapp h300s
Netapp h410c
Netapp h410s Firmware
References (MISC) http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html - (MISC) http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html - Exploit, Third Party Advisory, VDB Entry

14 Nov 2022, 19:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html -

28 Oct 2022, 20:40

Type Values Removed Values Added
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html - Exploit, Third Party Advisory (MISC) http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry
References (GENTOO) https://security.gentoo.org/glsa/202210-03 - (GENTOO) https://security.gentoo.org/glsa/202210-03 - Third Party Advisory
First Time Oracle zfs Storage Appliance Kit
Oracle
CPE cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

16 Oct 2022, 17:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202210-03 -

25 Jul 2022, 18:22

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

22 Jul 2022, 10:09

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700e:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500e:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300e:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html - Mailing List, Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2022/dsa-5142 - (DEBIAN) https://www.debian.org/security/2022/dsa-5142 - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/ - Mailing List, Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html - (MISC) http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html - Exploit, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220715-0006/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220715-0006/ - Third Party Advisory
First Time Netapp hci Baseboard Management Controller
Netapp manageability Software Development Kit
Debian
Netapp
Netapp smi-s Provider
Debian debian Linux
Netapp clustered Data Ontap
Netapp ontap Select Deploy Administration Utility
Netapp snapdrive
Netapp snapmanager
Netapp clustered Data Ontap Antivirus Connector
Netapp active Iq Unified Manager

15 Jul 2022, 16:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220715-0006/ -

02 Jun 2022, 14:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html -

23 May 2022, 11:16

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2022/dsa-5142 -

18 May 2022, 11:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/ -

17 May 2022, 01:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html -

14 May 2022, 03:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/ -

10 May 2022, 14:53

Type Values Removed Values Added
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab - Patch, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 - Release Notes, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxslt/-/tags - (MISC) https://gitlab.gnome.org/GNOME/libxslt/-/tags - Product, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ - Mailing List, Third Party Advisory
References (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd - (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd - Patch, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 6.5
CPE cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
CWE CWE-190
First Time Xmlsoft libxml2
Fedoraproject fedora
Xmlsoft libxslt
Xmlsoft
Fedoraproject

07 May 2022, 10:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ -

03 May 2022, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-03 03:15

Updated : 2023-12-10 14:22


NVD link : CVE-2022-29824

Mitre link : CVE-2022-29824

CVE.ORG link : CVE-2022-29824


JSON object : View

Products Affected

netapp

  • h700s_firmware
  • manageability_software_development_kit
  • h410s
  • snapmanager
  • solidfire_\&_hci_management_node
  • smi-s_provider
  • h300s
  • h700s
  • clustered_data_ontap_antivirus_connector
  • h410s_firmware
  • h500s
  • clustered_data_ontap
  • h300s_firmware
  • h410c
  • active_iq_unified_manager
  • ontap_select_deploy_administration_utility
  • h500s_firmware
  • h410c_firmware
  • snapdrive

oracle

  • zfs_storage_appliance_kit

xmlsoft

  • libxml2
  • libxslt

debian

  • debian_linux

fedoraproject

  • fedora
CWE
CWE-190

Integer Overflow or Wraparound