CVE-2018-9251 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | A security issue has been found in libxml2 <= 2.9.8 compiled with LZMA support enabled, in the xz_decomp function in xzlib.c. This flaw allows a remote attacker to cause a denial of service via an infinite loop, using a crafted XML payload that triggers LZMA_MEMLIMIT_ERROR. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-673 | lib32-libxml2 | 2.9.8-3 | 2.9.8-4 | Medium | Fixed | |
AVG-672 | libxml2 | 2.9.8-4 | 2.9.8-5 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
01 Oct 2018 | ASA-201810-4 | AVG-673 | lib32-libxml2 | Medium | denial of service |
01 Oct 2018 | ASA-201810-3 | AVG-672 | libxml2 | Medium | denial of service |
References |
---|
https://bugzilla.gnome.org/show_bug.cgi?id=794914 https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74 |