Bugzilla – Bug 972335
VUL-0: CVE-2016-3627: libxml2: stack exhaustion while parsing xml files in recovery mode
Last modified: 2019-08-16 17:14:48 UTC
rh#1319829 A vulnerability was found in a way libxml2 parses certain files. With the libxml2 in recovery mode, a maliciously crafted filed could cause libxml2 to crash. References: https://bugzilla.redhat.com/show_bug.cgi?id=1319829 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627 http://seclists.org/oss-sec/2016/q1/683 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-3627.html
bugbot adjusting priority
Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=762100
Created attachment 672971 [details] Reproducer from Gustavo Grieco.
This issue defiantly isn't as severe as first thought, It is a DOS attack but it can only take place against applications that attempt to recover from invalid xml, hopefully the only applications using this and accepting untrusted input are development tools, but I guess we never can be sure.
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-05-06. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62650
SUSE-SU-2016:1204-1: An update that solves one vulnerability and has one errata is now available. Category: security (moderate) Bug References: 972335,975947 CVE References: CVE-2016-3627 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libxml2-2.9.1-20.1 SUSE Linux Enterprise Software Development Kit 12 (src): libxml2-2.9.1-20.1 SUSE Linux Enterprise Server 12-SP1 (src): libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1 SUSE Linux Enterprise Server 12 (src): libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1 SUSE Linux Enterprise Desktop 12 (src): libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1
SUSE-SU-2016:1205-1: An update that solves one vulnerability and has one errata is now available. Category: security (moderate) Bug References: 972335,975947 CVE References: CVE-2016-3627 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): libxml2-2.7.6-0.40.1 SUSE Linux Enterprise Server 11-SP4 (src): libxml2-2.7.6-0.40.1, libxml2-python-2.7.6-0.40.3 SUSE Linux Enterprise Debuginfo 11-SP4 (src): libxml2-2.7.6-0.40.1, libxml2-python-2.7.6-0.40.3
openSUSE-SU-2016:1298-1: An update that solves one vulnerability and has one errata is now available. Category: security (moderate) Bug References: 972335,975947 CVE References: CVE-2016-3627 Sources used: openSUSE Leap 42.1 (src): libxml2-2.9.1-16.1, python-libxml2-2.9.1-16.1
released
openSUSE-SU-2016:1446-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 962796,972335,975947 CVE References: CVE-2016-3627,CVE-2016-3705 Sources used: openSUSE 13.2 (src): libxml2-2.9.3-7.11.1, python-libxml2-2.9.3-7.11.1
openSUSE-SU-2016:1594-1: An update that solves 12 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 972335,975947,978395,981040,981041,981108,981109,981110,981111,981112,981114,981115,983288 CVE References: CVE-2016-1762,CVE-2016-1833,CVE-2016-1834,CVE-2016-1835,CVE-2016-1836,CVE-2016-1837,CVE-2016-1838,CVE-2016-1839,CVE-2016-1840,CVE-2016-3627,CVE-2016-3705,CVE-2016-4483 Sources used: openSUSE 13.2 (src): libxml2-2.9.4-7.17.1, python-libxml2-2.9.4-7.17.1
*** Bug 1026099 has been marked as a duplicate of this bug. ***