Details
-
Bug
-
Resolution: Won't Do
-
Normal
-
None
-
None
-
False
-
-
False
-
Unset
-
No
Description
Security Tracking Issue
Do not make this issue public.
Impact: Moderate
Reported Date: 11-Apr-2023
Resolve Bug By: 08-Oct-2023
In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.
Please review this tracker and its impact on your product or service, as soon as possible. The trackers are filed WITHOUT in-depth analysis as the vulnerability has a Low or Moderate severity impact on this product or service. For more details, please refer to following confluence page - https://docs.engineering.redhat.com/x/3e_3EQ
Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9kKpDw
Flaws:
------
CVE-2023-29469 libxml2: Hashing of empty dict strings isn't deterministic
https://bugzilla.redhat.com/show_bug.cgi?id=2185984
When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results. This could lead to various logic or memory errors, including double frees.
References:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
https://gitlab.gnome.org/GNOME/libxml2/-/commit/09a2dd453007f9c7205274623acdd73747c22d64
~~~
CVE-2023-28484 libxml2: NULL dereference in xmlSchemaFixupComplexType
https://bugzilla.redhat.com/show_bug.cgi?id=2185994
NULL pointer dereference when parsing (invalid) XML schemas.
References:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
https://gitlab.gnome.org/GNOME/libxml2/-/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f
https://gitlab.gnome.org/GNOME/libxml2/-/commit/4c6922f763ad958c48ff66f82823ae21f2e92ee6