What were you trying to do that didn't work?
- Scanning the system for vulnerabilities using the oscap command-line utility
What is the impact of this issue to you?
- Unable to generate an HTML report using the oscap command-line utility
Please provide the package NVR for which the bug is seen:
libxslt-1.1.34-9.el9_5.2.x86_64
How reproducible is this bug?:
Always
Steps to reproduce
- Install the latest libxslt-1.1.34-9.el9_5.2.x86_64 package.
- Scan the system for vulnerabilities using the oscap command-line utility:
# wget -O - https://www.redhat.com/security/data/oval/v2/RHEL9/rhel-9.oval.xml.bz2 | bzip2 --decompress > rhel-9.oval.xml
# oscap oval eval --report vulnerability.html rhel-9.oval.xml
realloc failed !
Segmentation fault (core dumped)
# oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml
--- Starting Evaluation ---
realloc failed !
Segmentation fault (core dumped)
- The report flag is what's causing the issue here. The commands did not segfault without the flag.
- The workaround is to downgrade the package to libxslt-1.1.34-9.el9_5.1.x86_64
Expected results:
- The command segfaults:
# oscap oval eval --report vulnerability.html rhel-9.oval.xml
realloc failed !
Segmentation fault (core dumped)
- duplicates RHEL-88149 libxslt version 1.1.34-9.el9_5.2 fails on realloc with segmentation fault when processing oscap xml files (Closed)