search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
17.48k stars 13.66k forks source link

Vulnerability roundup 114: libxml2-2.9.12: 1 advisory [6.5] #172497

Closed ckauhaus closed 2 years ago

ckauhaus commented 2 years ago

search, files

CVE details

CVE-2022-29824

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf) and tree.c (xmlBuffer) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.

Scanned versions: nixos-21.11: 3c5ae9be1f1.

Cc @edolstra

ckauhaus commented 2 years ago

See also: #166665

FliegendeWurst commented 2 years ago

Patched in #171516.