Bug 1956522 (CVE-2021-3537)
Summary: | CVE-2021-3537 libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | csutherl, dking, erik-fedora, fedora, gzaronik, igor.raits, jclere, jwon, kaycoth, krathod, ktietz, mturk, ohudlick, pjindal, rh-spice-bugs, rjones, szappis, tkorbar, veillard, vmugicag |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | libxml2 2.9.11 | Doc Type: | If docs needed, set a value |
Doc Text: |
A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system availability.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-06-29 16:41:20 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1962063, 1956523, 1956524, 1957282, 1957283, 1957284, 1957285, 1962055, 1962057, 1962058, 1962059, 1962060, 1962061, 1962064, 1962065 | ||
Bug Blocks: | 1956531, 1957460 |
Description
Pedro Sampaio
2021-05-03 20:32:55 UTC
Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1956524] Created mingw-libxml2 tracking bugs for this issue: Affects: fedora-all [bug 1956523] *** Bug 1956525 has been marked as a duplicate of this bug. *** *** Bug 1956528 has been marked as a duplicate of this bug. *** Acknowledgments: Name: yuawn (NSLab NTU Taiwan) Statement: For the flaw to be exploitable, the document must be parsed in recovery mode and postvalidated (e.g.: when used in the `xmlling` tool, both `-recover` and `-postvalid` options must be used for the flaw to be exploitable) This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:2569 https://access.redhat.com/errata/RHSA-2021:2569 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3537 This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2022:1390 https://access.redhat.com/errata/RHSA-2022:1390 This issue has been addressed in the following products: JBoss Core Services on RHEL 7 JBoss Core Services for RHEL 8 Via RHSA-2022:1389 https://access.redhat.com/errata/RHSA-2022:1389 |