Source: libxml2
Version: 2.9.14+dfsg-1.2
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libxml2/-/issues/378
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 2.9.10+dfsg-6.7+deb11u4
Control: found -1 2.9.10+dfsg-1
Hi,

The following vulnerability was published for libxml2.

CVE-2022-2309[0]:
| NULL Pointer Dereference allows attackers to cause a denial of
| service (or application crash). This only applies when lxml is used
| together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and
| earlier are not affected. It allows triggering crashes through
| forged input data, given a vulnerable code sequence in the
| application. The vulnerability is caused by the iterwalk function
| (also used by the canonicalize function). Such code shouldn't be in
| widespread use, given that parsing + iterwalk would usually be
| replaced with the more efficient iterparse function. However, an XML
| converter that serialises to C14N would also be vulnerable, for
| example, and there are legitimate use cases for this code sequence.
| If untrusted input is received (also remotely) and processed via
| iterwalk function, a crash can be triggered.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-2309
    https://www.cve.org/CVERecord?id=CVE-2022-2309
[1] https://gitlab.gnome.org/GNOME/libxml2/-/issues/378
[2] https://gitlab.gnome.org/GNOME/libxml2/-/commit/5930fe01963136ab92125feec0c6204d9c9225dc
[3] https://gitlab.gnome.org/GNOME/libxml2/-/commit/a82ea25fc83f563c574ddb863d6c17d9c5abdbd2

Regards,
Salvatore