DSA-5142-1 libxml2 -- libxml2ID: oval:org.secpod.oval:def:88357 | Date: (C)2023-03-28 (M)2023-12-07 |
Class: PATCH | Family: unix |
Felix Wilhelm reported that several buffer handling functions in libxml2, a library providing support to read, modify and write XML and HTML files, don"t check for integer overflows, resulting in out-of-bounds memory writes if specially crafted, multi-gigabyte XML files are processed. An attacker can take advantage of this flaw for denial of service or execution of arbitrary code.
Platform: |
Linux Mint 4 |
Linux Mint 5 |
Product: |
python3-libxml2 |
python-libxml2 |
libxml2 |