Vulnerability CVE-2022-43680: Information

Description

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Published: Oct. 24, 2022
Modified: Jan. 21, 2024
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
expatsisyphus2.5.0-alt12.5.0-alt1ALT-PU-2022-2958-1309227Fixed
expatsisyphus_e2k2.5.0-alt12.5.0-alt1ALT-PU-2022-6836-1-Fixed
expatsisyphus_mipsel2.5.0-alt12.5.0-alt1ALT-PU-2022-6830-1-Fixed
expatsisyphus_riscv642.5.0-alt12.5.0-alt1ALT-PU-2022-6844-1-Fixed
expatp102.5.0-alt12.5.0-alt1ALT-PU-2023-4144-2324220Fixed
expatp10_e2k2.5.0-alt12.5.0-alt1ALT-PU-2023-5082-1-Fixed
expatc10f12.5.0-alt12.5.0-alt1ALT-PU-2023-4120-1324221Fixed
expatc9f22.5.0-alt12.5.0-alt1ALT-PU-2023-4107-2324219Fixed
pocosisyphus1.12.4-alt11.12.5p1-alt1ALT-PU-2022-2969-1309335Fixed
pocosisyphus_e2k1.12.4-alt1.11.12.4-alt2ALT-PU-2022-7317-1-Fixed
pocop101.12.4-alt21.12.4-alt2ALT-PU-2022-3329-1311320Fixed
pocop10_e2k1.12.4-alt21.12.4-alt2ALT-PU-2022-7414-1-Fixed
pococ10f11.12.4-alt21.12.4-alt2ALT-PU-2022-3329-1311320Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/libexpat/libexpat/pull/650
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://github.com/libexpat/libexpat/pull/616
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://github.com/libexpat/libexpat/issues/649
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
[debian-lts-announce] 20221028 [SECURITY] [DLA 3165-1] expat security update
  • Mailing List
  • Third Party Advisory
DSA-5266
  • Third Party Advisory
GLSA-202210-38
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20221118-0007/
  • Third Party Advisory
FEDORA-2022-ae2559a8f4
  • Mailing List
  • Third Party Advisory
FEDORA-2022-3cf0e7ebc7
  • Mailing List
  • Third Party Advisory
FEDORA-2022-f3a939e960
  • Mailing List
  • Third Party Advisory
FEDORA-2022-5f1e2e9016
  • Mailing List
  • Third Party Advisory
FEDORA-2022-49db80f821
  • Mailing List
  • Third Party Advisory
FEDORA-2022-c43235716e
  • Mailing List
  • Third Party Advisory
[oss-security] 20231228 CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat
  • Mailing List
  • Third Party Advisory
[oss-security] 20240103 CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat
  • Mailing List
  • Third Party Advisory
    1. Configuration 1

      cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

      Configuration 2

      cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

      cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

      cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

      Configuration 5

      cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

      Configuration 6

      cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

      Configuration 7

      cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

      Configuration 8

      cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

      Configuration 9

      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

      cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*

      cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

      Configuration 10

      cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*

      Running on/with:
      cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*