Red Hat Bugzilla – Bug 1551525
CVE-2017-12627 xerces-c: Null pointer dereference while processing the path to DTD allows denial of service
Last modified: 2018-10-19 17:56:47 EDT
The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processing and do not prevent external DTD usage, and could conceivably result in remote code execution. Upstream patch: https://svn.apache.org/viewvc?view=revision&revision=1819998 External References: https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt
Created xerces-c tracking bugs for this issue: Affects: fedora-all [bug 1551527] Created xerces-c27 tracking bugs for this issue: Affects: fedora-all [bug 1551526] Created mingw-xerces-c tracking bugs for this issue: Affects: fedora-all [bug 1551528] Created xerces-c tracking bugs for this issue: Affects: epel-6 [bug 1551530]
Statement: Red Hat Enterprise MRG and MRG-Messaging are currently in Maintenance phase. This issue has been rated as having Moderate security impact, and is not currently planned to be addressed in future releases of MRG or MRG-Messaging. For more information, refer to the Issue Severity Classification and the Life Cycle and Update Policies: https://access.redhat.com/security/updates/classification https://access.redhat.com/support/policy/update_policies/
Mitigation: Applications should strongly consider blocking remote entity resolution and/or outright disabling of DTD processing in light of the continued identification of bugs in this area of the library.