Bug 2491203 (CVE-2026-56412)
| Summary: | CVE-2026-56412 libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | crizzo, dschmidt, erezende, ilpinto, jkoehler, jlanda, jmitchel, jwong, kaycoth, kshier, lphiri, ltomasbo, omaciel, pbohmill, rhel-process-autobot, simaishi, smcdonal, stcannon, teagle, ttakamiy, watson-tool-maintainers, yguenane, ykashtan |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | --- |
| Doc Text: | A flaw was found in libexpat. This vulnerability, present in versions before 2.8.2, stems from improper handling of XML CDATA sections, where the library fails to adequately track the depth of handler calls. This can result in a use-after-free error, a type of memory corruption that could allow an attacker to crash the application or potentially gain unauthorized control. | | |
| Story Points: | --- | | |
| Clone Of: | | Environment: | |
| Last Closed: | | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 2493315, 2493316, 2493317, 2493318, 2493319 | | |
| Bug Blocks: | | | |

Description
OSIDB Bzimport
2026-06-21 17:01:15 UTC