Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2022-29824 - log back

CVE-2022-29824 edited at 18 May 2022 20:17:36

Severity

-	Unknown
+	Medium

Type

-	Unknown
+	Arbitrary code execution

Description

+	Integer overflow in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory writes exploitable when parsing crafted multi-gigabyte xml files.

References

+	https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
+	https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
+	https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd

Notes

CVE-2022-29824 created at 18 May 2022 20:08:59