
Bug 466238 (CVE-2013-1969)

Summary: <dev-libs/libxml2-2.9.1 : Multiple Use-After-Free Vulnerabilities (CVE-2013-1969)
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Severity: major
CC: gnome
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also:
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 476438    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2013-04-17 12:43:24 UTC
From ${URL} :

Multiple vulnerabilities have been reported in libxml2, which can be exploited by malicious people 
to potentially compromise an application using the library.

1) A use-after-free error in "htmlParseChunk()" can be exploited to dereference already freed 

2) Two use-after-free errors in "xmldecl_done()" can be exploited to dereference already freed 

The vulnerabilities are reported in version 2.9.0. Other versions may also be affected.

Fixed in the git repository.
Further details available to Secunia VIM customers

Provided and/or discovered by
Disclosed by the vendor via a git commit.

Original Advisory

@maintainer(s): after the bump, please say explicitly if the package is ready for the stabilization or not
Comment 1 Agostino Sarubbo gentoo-dev 2013-04-19 07:08:52 UTC
CVE-2013-1970 rejected
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-04-26 11:14:49 UTC
CVE-2013-1969:
  Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other
  versions might allow context-dependent attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via vectors related to
  the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a
  buffer overflow in the xmlBufGetInputBase function.
Comment 3 Alexandre Rostovtsev (RETIRED) gentoo-dev 2013-07-12 17:52:51 UTC
This was fixed in >=libxml2-2.9.1, which is being stabilized at bug #476438
Comment 4 Sergey Popov gentoo-dev 2013-08-28 07:40:36 UTC
Added to existing GLSA draft
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2013-11-10 15:19:06 UTC
This issue was resolved and addressed in
 GLSA 201311-06 at
by GLSA coordinator Sean Amoss (ackle).