StarlingX

Debian CVE-2022-40674: expat: a use-after-free in the doContent function

Bug #1994107 reported by Yue Tao on 2022-10-25

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	Medium	Yue Tao

Bug Description

CVE-2022-40674: [https://nvd.nist.gov/vuln/detail/CVE-2022-40674]
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-40674 fixed 9.8 N L N N H

References:
https://security-tracker.debian.org/tracker/DSA-5236-1

['libexpat1_2.2.10-2+deb11u3_amd64.deb===>libexpat1_2.2.10-2+deb11u4_amd64.deb', 'libexpat1-dev_2.2.10-2+deb11u3_amd64.deb===>libexpat1-dev_2.2.10-2+deb11u4_amd64.deb']

Found during September 2022 CVE scan using vulscan

Tags:

CVE References

2022-40674

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2022-10-27:

screening: stx.8.0 / medium - CVE meets the stx fix criteria

information type:	Public → Public Security
tags:	added: stx.8.0 stx.security
Changed in starlingx:
importance:	Undecided → Medium
status:	New → Triaged
assignee:	nobody → Yue Tao (wrytao)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-11-10: Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/864162

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-11-10: Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/864162
Committed: https://opendev.org/starlingx/tools/commit/2ee522337b2bf3cd8c70448f52b09c7678251ba4
Submitter: "Zuul (22348)"
Branch: master

commit 2ee522337b2bf3cd8c70448f52b09c7678251ba4
Author: Yue Tao <email address hidden>
Date: Thu Nov 10 14:37:56 2022 +0800

Debian: expat: fix CVE-2022-40674

Upgrade libexpat1 to 2.2.10-2+deb11u4
Upgrade libexpat1-dev to 2.2.10-2+deb11u4

Refer to:
https://security-tracker.debian.org/tracker/CVE-2022-40674

Test Plan:

Pass: build all
Pass: boot

Closes-Bug: 1994107

Signed-off-by: Yue Tao <email address hidden>
Change-Id: Id27696a2c1e0bc8ae86c3238a0774a6e2b0407e4

Changed in starlingx:
status:	In Progress → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.