Vulnerability Name: | CVE-2022-29824 (CCN-225645) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Assigned: | 2022-03-08 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Published: | 2022-03-08 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Updated: | 2023-01-11 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Summary: | In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) 5.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
6.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-787 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-29824 Source: cve@mitre.org Type: Exploit, Third Party Advisory, VDB Entry cve@mitre.org Source: cve@mitre.org Type: Exploit, Third Party Advisory, VDB Entry cve@mitre.org Source: XF Type: UNKNOWN gnome-cve202229824-dos(225645) Source: cve@mitre.org Type: Patch, Third Party Advisory cve@mitre.org Source: CCN Type: GNOME GIT Repository [CVE-2022-29824] Fix integer overflows in xmlBuf and xmlBuffer Source: cve@mitre.org Type: Patch, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Release Notes, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Product, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Mailing List, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Mailing List, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Mailing List, Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Mailing List, Third Party Advisory cve@mitre.org Source: CCN Type: Packet Storm Security [06-01-2022] libxml2 xmlBufAdd Heap Buffer Overflow Source: CCN Type: Packet Storm Security [11-14-2022] libxml2 xmlParseNameComplex Integer Overflow Source: cve@mitre.org Type: Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Third Party Advisory cve@mitre.org Source: cve@mitre.org Type: Third Party Advisory cve@mitre.org Source: CCN Type: IBM Security Bulletin 6611147 (MQ Operator) IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty Source: CCN Type: IBM Security Bulletin 6615221 (Robotic Process Automation for Cloud Pak) Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak Source: CCN Type: IBM Security Bulletin 6619729 (AIX) AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824) Source: CCN Type: IBM Security Bulletin 6837583 (App Connect Enterprise Certified Container) IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-29824 Source: CCN Type: IBM Security Bulletin 6843885 (Watson Speech Services Cartridge for Cloud Pak for Data) IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2 (CVE-2022-29824) Source: CCN Type: IBM Security Bulletin 6848225 (Netcool Operations Insight) Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities. Source: CCN Type: IBM Security Bulletin 6856409 (Cloud Pak for Security) IBM Cloud Pak for Security includes components with multiple known vulnerabilities Source: CCN Type: IBM Security Bulletin 6958506 (Security QRadar SIEM) IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities Source: cve@mitre.org Type: Patch, Third Party Advisory cve@mitre.org Source: CCN Type: WhiteSource Vulnerability Database CVE-2022-29824 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1: ![]() | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
BACK |