Bug 1579558 (CVE-2018-11210)

Summary: CVE-2018-11210 tinyxml2: heap-based buffer over-read in the XMLDocument::Parse function
Product: [Other] Security Response Reporter: Laura Pardo <lpardo>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: dominik, logans, mrceresa, rhel8-maint, richmattes
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-10 10:23:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1579559, 1579560, 1579561    
Bug Blocks:    

Description Laura Pardo 2018-05-17 22:40:24 UTC
A flaw was found in TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so.


Comment 1 Laura Pardo 2018-05-17 22:40:47 UTC
Created tinyxml2 tracking bugs for this issue:

Affects: epel-all [bug 1579560]
Affects: fedora-all [bug 1579559]

Comment 3 Rich Mattes 2018-05-26 23:23:28 UTC
It looks like this bug was closed upstream citing the fact that this was an incorrect use of the API.  Should we still try to look for ways to mitigate the issue, or defer to upstream and close these bugs out?