Bug 2262879 (CVE-2023-52426) - CVE-2023-52426 expat: recursive XML entity expansion vulnerability
Summary: CVE-2023-52426 expat: recursive XML entity expansion vulnerability
Keywords:
Status: NEW
Alias: CVE-2023-52426
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Importance: medium / medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2262885 2262887 2262886
Blocks: 2262876
Reported: 2024-02-05 23:31 UTC by Robb Gatica
Modified: 2024-02-26 06:38 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Expat (libexpat). If Expat is built with XML_DTD undefined at compile time, recursive XML entity expansion can be triggered. This may expand data exponentially, quickly exhausting system resources and causing a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Robb Gatica 2024-02-05 23:31:25 UTC
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.

References:
[1] https://github.com/libexpat/libexpat/pull/777
[2] https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404

Comment 1 Robb Gatica 2024-02-05 23:56:08 UTC
Created expat tracking bugs for this issue:

Affects: fedora-all [bug 2262885]


Created mingw-expat tracking bugs for this issue:

Affects: fedora-all [bug 2262886]


Created xmlrpc-c tracking bugs for this issue:

Affects: fedora-all [bug 2262887]

