Bug 2321987 (CVE-2024-50602) - CVE-2024-50602 libexpat: expat: DoS via XML_ResumeParser
Status: NEW
Alias: CVE-2024-50602
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security DevOps Team
Depends On: 2322196 2322195 2322229 2322230
Reported: 2024-10-27 05:01 UTC by OSIDB Bzimport
Modified: 2025-04-11 08:20 UTC

Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2024:10108 0 None None None 2024-11-20 14:11:49 UTC
Red Hat Product Errata RHBA-2024:10120 0 None None None 2024-11-20 16:58:39 UTC
Red Hat Product Errata RHBA-2024:10151 0 None None None 2024-11-21 10:34:07 UTC
Red Hat Product Errata RHBA-2024:10152 0 None None None 2024-11-21 10:41:36 UTC
Red Hat Product Errata RHBA-2024:10153 0 None None None 2024-11-21 10:42:07 UTC
Red Hat Product Errata RHBA-2024:10154 0 None None None 2024-11-21 10:41:58 UTC
Red Hat Product Errata RHBA-2024:10155 0 None None None 2024-11-21 10:54:15 UTC
Red Hat Product Errata RHBA-2024:10156 0 None None None 2024-11-21 11:03:15 UTC
Red Hat Product Errata RHBA-2024:10160 0 None None None 2024-11-21 12:04:07 UTC
Red Hat Product Errata RHBA-2024:10180 0 None None None 2024-11-21 20:31:05 UTC
Red Hat Product Errata RHBA-2024:10475 0 None None None 2024-12-02 07:25:09 UTC
Red Hat Product Errata RHBA-2024:10668 0 None None None 2024-12-02 11:41:26 UTC
Red Hat Product Errata RHBA-2024:9511 0 None None None 2024-11-13 06:55:21 UTC
Red Hat Product Errata RHBA-2024:9512 0 None None None 2024-11-13 06:56:58 UTC
Red Hat Product Errata RHBA-2024:9513 0 None None None 2024-11-13 06:57:09 UTC
Red Hat Product Errata RHBA-2024:9514 0 None None None 2024-11-13 07:01:17 UTC
Red Hat Product Errata RHBA-2024:9515 0 None None None 2024-11-13 07:01:27 UTC
Red Hat Product Errata RHBA-2024:9516 0 None None None 2024-11-13 07:22:09 UTC
Red Hat Product Errata RHBA-2024:9517 0 None None None 2024-11-13 07:35:00 UTC
Red Hat Product Errata RHBA-2024:9518 0 None None None 2024-11-13 07:42:53 UTC
Red Hat Product Errata RHBA-2024:9561 0 None None None 2024-11-13 14:47:55 UTC
Red Hat Product Errata RHBA-2024:9574 0 None None None 2024-11-13 17:34:55 UTC
Red Hat Product Errata RHBA-2024:9575 0 None None None 2024-11-13 17:35:22 UTC
Red Hat Product Errata RHBA-2024:9577 0 None None None 2024-11-13 17:41:48 UTC
Red Hat Product Errata RHBA-2024:9580 0 None None None 2024-11-13 17:48:39 UTC
Red Hat Product Errata RHBA-2024:9581 0 None None None 2024-11-13 17:50:15 UTC
Red Hat Product Errata RHBA-2024:9582 0 None None None 2024-11-13 17:50:50 UTC
Red Hat Product Errata RHBA-2024:9604 0 None None None 2024-11-13 21:57:17 UTC
Red Hat Product Errata RHBA-2024:9693 0 None None None 2024-11-14 18:48:16 UTC
Red Hat Product Errata RHBA-2024:9826 0 None None None 2024-11-18 08:33:40 UTC
Red Hat Product Errata RHBA-2024:9861 0 None None None 2024-11-18 10:51:54 UTC
Red Hat Product Errata RHBA-2024:9862 0 None None None 2024-11-18 10:55:28 UTC
Red Hat Product Errata RHBA-2024:9882 0 None None None 2024-11-18 14:19:03 UTC
Red Hat Product Errata RHBA-2024:9883 0 None None None 2024-11-18 14:30:05 UTC
Red Hat Product Errata RHBA-2024:9887 0 None None None 2024-11-18 16:20:40 UTC
Red Hat Product Errata RHBA-2024:9888 0 None None None 2024-11-18 16:38:53 UTC
Red Hat Product Errata RHBA-2024:9890 0 None None None 2024-11-18 16:49:36 UTC
Red Hat Product Errata RHBA-2025:3457 0 None None None 2025-04-01 11:55:40 UTC
Red Hat Product Errata RHSA-2024:10135 0 None None None 2024-11-21 09:03:48 UTC
Red Hat Product Errata RHSA-2024:11109 0 None None None 2024-12-16 13:40:09 UTC
Red Hat Product Errata RHSA-2024:11200 0 None None None 2024-12-17 18:48:21 UTC
Red Hat Product Errata RHSA-2024:9502 0 None None None 2024-11-13 01:19:55 UTC
Red Hat Product Errata RHSA-2024:9541 0 None None None 2024-11-13 14:22:19 UTC
Red Hat Product Errata RHSA-2025:3350 0 None None None 2025-03-27 16:19:01 UTC

Description OSIDB Bzimport 2024-10-27 05:01:00 UTC
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

Comment 4 errata-xmlrpc 2024-11-13 01:19:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:9502 https://access.redhat.com/errata/RHSA-2024:9502

Comment 5 errata-xmlrpc 2024-11-13 14:22:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9541 https://access.redhat.com/errata/RHSA-2024:9541

Comment 6 errata-xmlrpc 2024-11-21 09:03:47 UTC
This issue has been addressed in the following products:

  Service Interconnect 1.4 for RHEL 9

Via RHSA-2024:10135 https://access.redhat.com/errata/RHSA-2024:10135

Comment 7 errata-xmlrpc 2024-12-16 13:40:08 UTC
This issue has been addressed in the following products:

  Service Interconnect 1 for RHEL 9

Via RHSA-2024:11109 https://access.redhat.com/errata/RHSA-2024:11109

Comment 8 errata-xmlrpc 2024-12-17 18:48:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2024:11200 https://access.redhat.com/errata/RHSA-2024:11200

Comment 9 errata-xmlrpc 2025-03-27 16:18:59 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:3350 https://access.redhat.com/errata/RHSA-2025:3350

