BDU:2023-03298

Уязвимость функции xmlSchemaFixupComplexType (xmlschemas.c) библиотеки Libxml2, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

CVE-2023-28484

Published: 2023-04-24

BDU:2023-03302

Уязвимость функции xmlDictComputeFastKey (dict.c) библиотеки Libxml2, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

CVE-2023-29469

Published: 2023-04-25
Modified: 2024-11-21

CVE-2023-28484

In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2023-04-25
Modified: 2025-02-05

CVE-2023-29469

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Version: 2.1.0

Branch sisyphus_riscv64 update on 2023-05-04

ALT-BU-2023-3334-1

ALT-PU-2023-3331-1

Closed bugs

Bug #45944

ALT-PU-2023-3332-1

Closed bugs

Bug #45945

ALT-PU-2023-3333-1

Closed vulnerabilities

BDU:2023-03298

BDU:2023-03302

CVE-2023-28484

CVE-2023-29469