{"id":"MGASA-2023-0157","summary":"Updated libxml2 packages fix security vulnerability","details":"NULL Pointer Dereference allows attackers to cause a denial of service (or\napplication crash). This only applies when lxml is used together with\nlibxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected.\nIt allows triggering crashes through forged input data, given a vulnerable\ncode sequence in the application. The vulnerability is caused by the\niterwalk function (also used by the canonicalize function). Such code\nshouldn't be in wide-spread use, given that parsing + iterwalk would\nusually be replaced with the more efficient iterparse function. However,\nan XML converter that serialises to C14N would also be vulnerable, for\nexample, and there are legitimate use cases for this code sequence. If\nuntrusted input is received (also remotely) and processed via iterwalk\nfunction, a crash can be triggered. (CVE-2022-2309)\nNULL dereference in xmlSchemaFixupComplexType. (CVE-2023-28484)\nHashing of empty dict strings isn't deterministic. (CVE-2023-29469)\n","modified":"2026-01-30T03:16:25.274339Z","published":"2023-05-06T18:19:07Z","related":["CVE-2022-2309","CVE-2023-28484","CVE-2023-29469"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0157.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31810"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O2AHHHTXMCLOVEDOB7VUJWRWH5RXZTEG/"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5760-1"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31231"}],"affected":[{"package":{"name":"libxml2","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/libxml2?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.10-7.7.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0157.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}