Bug 5927 - [Anolis OS 8] Bugfix for CVE-2022-43680
Summary: [Anolis OS 8] Bugfix for CVE-2022-43680
Status: NEW
Alias: None
Product: Anolis OS 8
Classification: Anolis OS
Component: BaseOS Packages
Version: 8.6
Hardware: All Linux
Importance: P3-Medium S3-normal
Target Milestone: ---
Assignee: Jacob
QA Contact: shuming
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2023-07-19 04:07 UTC by 小龙
Modified: 2023-07-19 04:07 UTC

See Also:


Description 小龙 admin 2023-07-19 04:07:41 UTC
Description:
In libexpat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Broken commit info:

Bugfix commit info:
https://github.com/libexpat/libexpat/pull/616
https://github.com/libexpat/libexpat/pull/650
https://github.com/libexpat/libexpat/commit/56967f83d68d5fc750f9e66a9a76756c94c7c173
https://github.com/libexpat/libexpat/commit/5290462a7ea1278a8d5c0d5b2860d4e244f997e4