Bug 2185994 (CVE-2023-28484)

Summary: CVE-2023-28484 libxml2: NULL dereference in xmlSchemaFixupComplexType
Product: [Other] Security Response Reporter: Pedro Sampaio <psampaio>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: adudiak, akarol, amackenz, amasferr, aoconnor, bbuckingham, bcourt, bdettelb, caswilli, chazlett, csutherl, dffrench, dking, dkuc, dmetzger, ehelms, fjansen, gmccullo, gtanzill, gzaronik, hkataria, ikanias, jary, jburrell, jclere, jhardy, jmitchel, jsherril, jtanner, kaycoth, kshier, lzap, mhulan, micjohns, myarboro, ngough, nmoumoul, nweather, oezr, ohudlick, orabin, pcreech, peholase, pjindal, plodge, rchan, rgodfrey, rh-spice-bugs, rravi, simaishi, smallamp, stcannon, sthirugn, szappis, tcarlin, tjochec, tkasparek, tohughes, veillard, vkrizan, vmugicag, yguenane
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: libxml2 2.10.4 Doc Type: If docs needed, set a value
Doc Text:
A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2185998, 2186002, 2185995, 2185996, 2185997, 2185999, 2186000, 2186001, 2186691, 2186692, 2186693, 2186694, 2186696    
Bug Blocks: 2186003    

Description Pedro Sampaio 2023-04-11 19:21:28 UTC 
NULL pointer dereference when parsing (invalid) XML schemas.

References:

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
https://gitlab.gnome.org/GNOME/libxml2/-/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f
https://gitlab.gnome.org/GNOME/libxml2/-/commit/4c6922f763ad958c48ff66f82823ae21f2e92ee6
Comment 1 Pedro Sampaio 2023-04-11 19:22:35 UTC 
Created libxml2 tracking bugs for this issue:

Affects: fedora-all [bug 2185996]


Created mingw-libxml2 tracking bugs for this issue:

Affects: fedora-all [bug 2185995]


Created pcem tracking bugs for this issue:

Affects: fedora-all [bug 2185997]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2185998]
Affects: fedora-all [bug 2185999]


Created qt6-qtwebengine tracking bugs for this issue:

Affects: fedora-all [bug 2186000]


Created rubygem-nokogiri tracking bugs for this issue:

Affects: epel-all [bug 2186002]
Affects: fedora-all [bug 2186001]
Comment 10 errata-xmlrpc 2023-08-01 08:49:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4349 https://access.redhat.com/errata/RHSA-2023:4349
Comment 12 errata-xmlrpc 2023-08-08 08:19:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4529 https://access.redhat.com/errata/RHSA-2023:4529
Comment 13 errata-xmlrpc 2023-08-15 17:37:16 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Core Services

Via RHSA-2023:4628 https://access.redhat.com/errata/RHSA-2023:4628
Comment 16 errata-xmlrpc 2024-01-24 16:47:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0413 https://access.redhat.com/errata/RHSA-2024:0413