CVE-2016-4658 libxml2: Use after free via namespace node in XPointer ranges
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Joe Slater |
Bug Description
CVE-2016-4658 libxml2: Use after free via namespace node in XPointer ranges
Score:
CVSSv2: 10 (AV:N/AC:
Description:
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
References:
https:/
https:/
https:/
https:/
Required package version:
libxml2-
libxml2-
libxml2-
Packages:
libxml2
Found during December 2021 CVE Scan
CVE References
information type: | Public → Public Security |
Changed in starlingx: | |
assignee: | Yue Tao (wrytao) → Joe Slater (jslater0wind) |
Changed in starlingx: | |
importance: | High → Medium |
tags: |
added: in-r-stx60 removed: stx.cherrypickneeded |
Screening: Marking as medium priority as this CVE meets the StarlingX fix criteria. Should be fixed in stx master and cherrypicked to the r/stx.6.0 release branch at some point. However, we will not hold up the stx.6.0 release on this as CVEs can be reported at any time.