Bug 1462225 (CVE-2017-0663)
Summary: | CVE-2017-0663 libxml2: Heap buffer overflow in xmlAddID | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | athmanem, bmcclain, c.david86, cfergeau, csutherl, dblechte, dmoppert, eedri, erik-fedora, fedora-mingw, gzaronik, jclere, ktietz, lgao, lsurette, mbabacek, mgoldboi, michal.skrivanek, mturk, myarboro, ohudlick, rbalakri, rh-spice-bugs, rjones, sardella, sherold, srevivo, twalsh, veillard, weli, ykaul, ylavi |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libxml 2.9.5 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-06-30 05:49:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1462226, 1462227, 1462228, 1525811, 1695417 | ||
Bug Blocks: | 1462234 |
Description
Adam Mariš
2017-06-16 12:47:27 UTC
Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1462226] Created mingw-libxml2 tracking bugs for this issue: Affects: epel-7 [bug 1462227] Affects: fedora-all [bug 1462228] Potential RCE through pointer confusion: passing an xmlNs* where an xmlAttr* was intended .. xmlNs is a smaller structure with some overlap, so opportunity potentially exists to overwrite some juicy pointers after the end of the structure. The flaw exists in validation (xmlValidateDtd(), xmlValidateDocument()), so applications that do not attempt to validate untrusted documents are not impacted. Statement: This vulnerability exists in the DTD validation functionality of libxml2. Applications that do not attempt to validate untrusted documents are not impacted. Upstream patch: https://gitlab.gnome.org/GNOME/libxml2/commit/92b9e8c8 |