Vulnerability CVE-2022-29824: Information

Description

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-29824
Published: May 3, 2022
Modified: Nov. 7, 2023
Error type identifier: CWE-190

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libxml2sisyphus2.9.14-alt12.12.7-alt1ALT-PU-2022-1807-1299383Fixed
libxml2sisyphus_e2k2.9.14-alt12.12.7-alt1ALT-PU-2022-4870-1-Fixed
libxml2sisyphus_riscv642.9.14-alt12.12.7-alt1ALT-PU-2022-4858-1-Fixed
libxml2p102.9.12-alt1.p10.12.9.12-alt1.p10.1ALT-PU-2023-1172-1314068Fixed
libxml2p10_e2k2.9.12-alt1.p10.12.9.12-alt1.p10.1ALT-PU-2023-2426-1-Fixed
libxml2c10f12.9.12-alt1.p10.12.9.12-alt1.p10.1ALT-PU-2023-1172-1314068Fixed
libxml2c9f22.9.12-alt1.c9f2.12.9.12-alt1.c9f2.1ALT-PU-2022-3377-1311279Fixed
libxml2p112.9.14-alt12.12.7-alt1ALT-PU-2022-1807-1299383Fixed
libxsltsisyphus1.1.37-alt11.1.39-alt1ALT-PU-2022-2687-1307481Fixed
libxsltsisyphus_e2k1.1.37-alt11.1.37-alt1ALT-PU-2022-6306-1-Fixed
libxsltsisyphus_riscv641.1.37-alt11.1.37-alt1ALT-PU-2022-6336-1-Fixed
libxsltc10f11.1.37-alt11.1.37-alt1ALT-PU-2024-7058-2345755Fixed
libxsltp111.1.37-alt11.1.39-alt1ALT-PU-2022-2687-1307481Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
  • Release Notes
  • Third Party Advisory
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
  • Patch
  • Third Party Advisory
https://gitlab.gnome.org/GNOME/libxslt/-/tags
  • Product
  • Third Party Advisory
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
  • Patch
  • Third Party Advisory
[debian-lts-announce] 20220516 [SECURITY] [DLA 3012-1] libxml2 security update
  • Mailing List
  • Third Party Advisory
DSA-5142
  • Third Party Advisory
http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html
  • Exploit
  • Third Party Advisory
  • VDB Entry
https://security.netapp.com/advisory/ntap-20220715-0006/
  • Third Party Advisory
N/A
  • Patch
  • Third Party Advisory
GLSA-202210-03
  • Third Party Advisory
http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html
  • Exploit
  • Third Party Advisory
  • VDB Entry
FEDORA-2022-9136d646e4
    FEDORA-2022-be6d83642a
      FEDORA-2022-f624aad735

          1. Configuration 1

            cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
            End excliding
            2.9.14
            cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
            End including
            1.1.35

            Configuration 2

            cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

            Configuration 3

            cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
            cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
            cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

            Configuration 4

            cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
            cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
            cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*

            Configuration 5

            cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

            Configuration 6

            cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

            Configuration 7

            cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

            Configuration 8

            cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

            Configuration 9

            cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

            Configuration 10

            cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.5.3
        Back to top