{"id":"CVE-2024-8176","summary":"Libexpat: expat: improper restriction of xml entity expansion depth in libexpat","details":"A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.","modified":"2026-05-19T04:03:20.135450616Z","published":"2025-03-14T08:19:48.962Z","related":["ALSA-2025:3531","ALSA-2025:3913","ALSA-2025:4048","ALSA-2025:7444","ALSA-2025:7512","SUSE-SU-2025:03239-1","SUSE-SU-2025:1186-1","SUSE-SU-2025:1201-1","SUSE-SU-2025:1295-1","SUSE-SU-2025:20207-1","SUSE-SU-2025:20311-1","openSUSE-SU-2025:14952-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/8xxx/CVE-2024-8176.json","cna_assigner":"redhat","cwe_ids":["CWE-674"]},"references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/10"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/11"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/12"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/6"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/7"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/May/8"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/03/15/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/09/24/11"},{"type":"WEB","url":"https://access.redhat.com/downloads/content/package-browser/"},{"type":"WEB","url":"https://catalog.redhat.com/software/containers/"},{"type":"WEB","url":"https://github.com/libexpat/libexpat/"},{"type":"WEB","url":"https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52"},{"type":"WEB","url":"https://security-tracker.debian.org/tracker/CVE-2024-8176"},{"type":"WEB","url":"https://ubuntu.com/security/CVE-2024-8176"},{"type":"WEB","url":"https://www.kb.cert.org/vuls/id/760160"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22033"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22034"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22035"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22607"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22785"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22842"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:22871"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:3531"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:3734"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:3913"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4048"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4446"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4447"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4448"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4449"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:7444"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:7512"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:8385"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2024-8176"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/8xxx/CVE-2024-8176.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-8176"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20250328-0009/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310137"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1239618"},{"type":"REPORT","url":"https://github.com/libexpat/libexpat/issues/893"},{"type":"FIX","url":"https://github.com/libexpat/libexpat/pull/973"},{"type":"FIX","url":"https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53"},{"type":"ARTICLE","url":"https://blog.hartwork.org/posts/expat-2-7-0-released/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libexpat/libexpat","events":[{"introduced":"0"},{"fixed":"6d4ffe856df497ac2cae33537665c3fec7ec8a00"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"2.7.0"}]}}],"versions":["R_2_6_4","R_2_6_3","R_2_6_2","R_2_6_1","R_2_6_0","R_2_5_0","R_2_4_9","R_2_4_8","R_2_4_7","R_2_4_6","R_2_4_5","R_2_4_4","R_2_4_3","R_2_4_2","R_2_4_1","R_2_4_0","R_2_3_0","R_2_2_10","R_2_2_9","R_2_2_8","R_2_2_7","R_2_2_6","R_2_2_5","R_2_2_4","R_2_2_3","R_2_2_2","R_2_2_1","R_2_2_0","R_2_1_1","R_2_1_0","R_2_0_1","R_2_0_0","R_1_95_8","R_1_95_7","R_1_95_6","R_1_95_5","R_1_95_4","R_1_95_3","R_1_95_2","R_1_95_0","libexpat-alpha-1","start","sourceforge_init","jclark-orig","V20000512","V19991013","V19990728","V19990709","V19990626","V1_1","V19990425","V1990307","V19990109","V19981231","V19981122","V1_0","beta4","beta3","beta2","REC1_0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8176.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.alpinelinux.org/alpine/aports","events":[{"introduced":"0"},{"fixed":"d068c3ff36fc6f4789988a09c69b434db757db53"}],"database_specific":{"source":"REFERENCES"}}],"versions":["v20250108","v3.22.0_alpha20241224","v3.21.0","v3.21.0_rc7","v3.21.0_rc6","v3.21.0_rc5","v3.21.0_rc4","v3.21.0_rc3","v3.21.0_rc2","v3.21.0_rc1","v20240923","v20240807","v20240606","v3.20.0","v3.20.0_rc2","v3.20.0_rc1","v20240329","v20240315","v20231219","v3.19.0","v3.19.0_rc4","v3.19.0_rc3","v3.19.0_rc2","v3.19.0_rc1","v20230901","v3.18.0","v3.18.0_rc6","v3.18.0_rc5","v3.18.0_rc4","v3.18.0_rc3","v3.18.0_rc2","v3.18.0_rc1","v20230329","v20230208","v3.17.0","v3.17.0_rc4","v3.17.0_rc3","v3.17.0_rc2","v3.17.0_rc1","v20221110","v20220809","v20220715","v3.16.0","v3.16.0_rc5","v3.16.0_rc4","v3.16.0_rc3","v3.16.0_rc2","v3.16.0_rc1","v20220328","v20220316","v3.15.0","v3.15.0_rc6","v3.15.0_rc5","v3.15.0_rc4","v3.15.0_rc3","v3.15.0_rc2","v3.15.0_rc1","v3.15.0_alpha20210804","v3.15.0_alpha20210730","v3.14.0","v3.14.0_rc4","v3.14.0_rc3","v3.14.0_rc2","v3.14.0_rc1","v20210212","v3.13.0","v3.13.0_rc5","v3.13.0_rc4","v3.13.0_rc3","v3.13.0_rc2","v3.13.0_rc1","v20201218","v20200917","v20200626","v3.12.0","v3.12.0_rc5","v3.12.0_rc4","v3.12.0_rc3","v3.12.0_rc2","v3.12.0_rc1","v20200428","v20200319","v20200312","v20200122","v20200117","v3.11.0","v20191219","v3.11.0_rc5","v3.11.0_rc4","v3.11.0_rc3","v3.11.0_rc2","v3.11_rc1","v20191114","v20190925","v20190809","v20190707","v3.10.0","v3.10.0_rc7","v3.10.0_rc6","v3.10.0_rc5","v3.10.0_rc4","v3.10.0_rc3","v3.10.0_rc2","v3.10.0_rc1","v20190508","v20190408","v20190228","v20190227","v3.9.0","v3.9.0_rc6","v3.9.0_rc5","v3.9.0_rc4","v3.9.0_rc3","v3.9.0_rc2","v3.9.0_rc1","v3.8.0","v3.8.0_rc10","v3.8.0_rc9","v3.8.0_rc8","v3.8.0_rc7","v3.8.0_rc6","v3.8.0_rc5","v3.8.0_rc4","v3.8.0_rc3","v3.8.0_rc2","v3.8.0_rc1","v3.7.0","v3.7.0_rc3","v3.7.0_rc2","v3.7.0_rc1","v3.6.0","v3.6.0_rc3","v3.6.0_rc2","v3.6.0_rc1","v3.5.0","v3.5.0_rc7","v3.5.0_rc6","v3.5.0_rc5","v3.5.0_rc4","v3.5.0_rc3","v3.5.0_rc2","v3.5.0_rc1","v3.4.0","v3.4.0_rc3","v3.4.0_rc2","v3.4.0_rc1","v160223","v3.3.0","v3.3.0_rc3","v3.3.0_rc2","v3.3.0_rc1","v3.2.0","v3.2.0_rc5","v3.2.0_rc4","v3.2.0_rc3","v3.2.0_rc2","v3.2.0_rc1","v150306","v3.1.0","v3.1.0_rc5","v3.1.0_rc4","v3.1.0_rc3","v3.1.0_rc2","v3.1.0_rc1","v141022","v141001","v140930","v3.0.0","v3.0.0_rc5","v3.0.0_rc4","v3.0.0_rc3","v3.0.0_rc2","v3.0.0_rc1","v140515","v140423","v140416","v131211","v131210","v2.7.0","v2.7.0_rc6","v2.7.0_rc5","v2.7.0_rc4","v2.7.0_rc3","v2.7.0_rc2","v2.7.0_rc1","v130910","v2.6.0","v2.6.0_rc6","v2.6.0_rc5","v2.6.0_rc4","v2.6.0_rc3","v2.6.0_rc2","v2.6.0_rc1","v130313","v130308","v130301","v121217","v121207","v2.5.0","v2.5.0_rc2","v121009","v120914","v120824","v120820","v2.4.0","v2.4.0_rc3","v2.4.0_rc2","v2.4.0_rc1","v120323","v120104","v111111","v2.3.0","v2.3.0_rc6","v2.3.0_rc5","v2.3.0_rc4","v2.3.0_rc3","v2.3.0_rc2","v2.3.0_rc1","v110827","v110825","v110824","v110817","v110606","v110527","v110525","v2.2.0_rc5","v2.2.0_rc4","v2.2.0_rc3","v2.2.0_rc2","v2.2.0_rc1","v110412","v110407","v110325","v110312","v110310","v110303","v101224","v101221","v20101216","v101216","v20101203","v101203","v2.1.0","v2.1.0_rc2","v2.1.0_rc1","v2.0.0","v2.0.0_rc3","v2.0.0_rc2","v2.0.0_rc1","v2.0.0_beta4","v2.0.0_beta3","v2.0.0_beta2","v2.0.0_beta1","v1.10-branch","v1.9.0","v1.9.0_rc5","v1.9.0_rc4","v1.9.0_rc2","v1.9.0_rc1","v1.9.0_beta4","v1.9.0_beta3","v1.9.0_beta2","v1.9.0_beta1","v1.9.0_alpha18","v1.9.0_alpha17","v1.9.0_alpha16","v1.9.0_alpha15","v1.9.0_alpha14","v1.9.0_alpha13","v1.9.0_alpha12","v1.9.0_alpha11","v1.9.0_alpha10","v1.9.0_alpha9","v1.9.0_alpha8","v1.9.0_alpha7"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8176.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}