expat: Multiple vulnerabilities (CVE-2022-40674, CVE-2022-43680) #4244

Closed
CamberLoid opened this issue Oct 11, 2022 · 2 comments
CamberLoid commented Oct 11, 2022

CVE IDs

CVE-2022-40674 CVE-2022-43680

Other security advisory IDs

Debian:

Description

CVE-2022-40674

Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

References:

CVE-2022-43680

In expat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Fixed by libexpat/libexpat#650 libexpat/libexpat#649

Patches

N/A, or see commit in references above.

PoC(s)

N/A

@CamberLoid CamberLoid added the security Topic/issue involves a security issue/fixed label Oct 11, 2022
@CamberLoid CamberLoid self-assigned this Oct 20, 2022
CamberLoid added a commit that referenced this issue Oct 24, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
@CamberLoid CamberLoid added the has-fix Topic contains a fix for a known issue label Oct 24, 2022
@CamberLoid CamberLoid changed the title from "expat: CVE-2022-40674" to "expat: Multiple vulnerabilities (CVE-2022-40674, CVE-2022-43680)" Nov 3, 2022
@CamberLoid

Updated information about CVE-2022-43680

CamberLoid added a commit that referenced this issue Nov 3, 2022
* Fix CVE-2022-43680
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 3, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Add "--disable-static" to manually suppress building of static library
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 10, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 10, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Add "--disable-static" to manually suppress building of static library
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 11, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 11, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Add "--disable-static" to manually suppress building of static library
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 12, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 12, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Add "--disable-static" to manually suppress building of static library
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 23, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 23, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 27, 2022
* Fixes CVE-2022-25236 CVE-2022-40674

Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid added a commit that referenced this issue Nov 27, 2022
* Fix CVE-2022-43680
* Add a beyond file to install manpage
* Sover stays at 1, therefore no rebuild is required

Signed-off-by: Camber Huang <camber@poi.science>
@CamberLoid

Fixed via #4290
