CVE-2017-18258 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A security issue has been found in libxml2 <= 2.9.6 compiled with LZMA support enabled, in the xz_head function in xzlib.c. This flaw allows a remote attacker to cause a denial of service via unbounded memory consumption, using a crafted XML payload.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-671	libxml2	2.9.5+6+g07e227ed-1	2.9.6+3+g5af594d8-1	Medium	Fixed

References
https://bugzilla.gnome.org/show_bug.cgi?id=786696 https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb