Detections
Analytics

GLSA-202402-11 : libxml2: Multiple Vulnerabilities

high Nessus Plugin ID 190354

Language:

Description

The remote host is affected by the vulnerability described in GLSA-202402-11 (libxml2: Multiple Vulnerabilities)

 - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. (CVE-2023-28484)

 - An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). (CVE-2023-29469)

 - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails.
 This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail. (CVE-2023-45322)

 - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. (CVE-2024-25062)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

All libxml2 users should upgrade to the latest version:

 # emerge --sync # emerge --ask --oneshot --verbose >=dev-libs/libxml2-2.12.5 If you cannot update to libxml2-2.12 yet you can update to the latest 2.11 version:

 # emerge --sync # emerge --ask --oneshot --verbose >=dev-libs/libxml2-2.11.7 =dev-libs/libxml2-2.11*

See Also

https://security.gentoo.org/glsa/202402-11

https://bugs.gentoo.org/show_bug.cgi?id=904202

https://bugs.gentoo.org/show_bug.cgi?id=905399

https://bugs.gentoo.org/show_bug.cgi?id=915351

https://bugs.gentoo.org/show_bug.cgi?id=923806

Plugin Details

Severity: High

ID: 190354

File Name: gentoo_GLSA-202402-11.nasl

Version: 1.1

Type: local

Published: 2/9/2024

Updated: 2/13/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2024-25062

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:libxml2, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/9/2024

Vulnerability Publication Date: 4/13/2023

Reference Information

CVE: CVE-2023-28484, CVE-2023-29469, CVE-2023-45322, CVE-2024-25062