5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
80.4%
The libxml2 library is a development toolbox providing the implementation
of various XML standards.
It was found that the hashing routine used by libxml2 arrays was
susceptible to predictable hash collisions. Sending a specially-crafted
message to an XML service could result in longer processing time, which
could lead to a denial of service. To mitigate this issue, randomization
has been added to the hashing function to reduce the chance of an attacker
successfully causing intentional collisions. (CVE-2012-0841)
All users of libxml2 are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. The desktop must
be restarted (log out, then log back in) for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | ppc64 | libxml2-devel | < 2.7.6-4.el6_2.4 | libxml2-devel-2.7.6-4.el6_2.4.ppc64.rpm |
RedHat | 5 | s390 | libxml2-devel | < 2.6.26-2.1.15.el5_8.2 | libxml2-devel-2.6.26-2.1.15.el5_8.2.s390.rpm |
RedHat | 6 | x86_64 | libxml2-devel | < 2.7.6-4.el6_2.4 | libxml2-devel-2.7.6-4.el6_2.4.x86_64.rpm |
RedHat | 5 | ppc | libxml2-devel | < 2.6.26-2.1.15.el5_8.2 | libxml2-devel-2.6.26-2.1.15.el5_8.2.ppc.rpm |
RedHat | 5 | s390 | libxml2-debuginfo | < 2.6.26-2.1.15.el5_8.2 | libxml2-debuginfo-2.6.26-2.1.15.el5_8.2.s390.rpm |
RedHat | 6 | i686 | libxml2-devel | < 2.7.6-4.el6_2.4 | libxml2-devel-2.7.6-4.el6_2.4.i686.rpm |
RedHat | 5 | s390x | libxml2-devel | < 2.6.26-2.1.15.el5_8.2 | libxml2-devel-2.6.26-2.1.15.el5_8.2.s390x.rpm |
RedHat | 5 | x86_64 | libxml2-debuginfo | < 2.6.26-2.1.15.el5_8.2 | libxml2-debuginfo-2.6.26-2.1.15.el5_8.2.x86_64.rpm |
RedHat | 6 | s390x | libxml2 | < 2.7.6-4.el6_2.4 | libxml2-2.7.6-4.el6_2.4.s390x.rpm |
RedHat | 6 | ppc | libxml2-debuginfo | < 2.7.6-4.el6_2.4 | libxml2-debuginfo-2.7.6-4.el6_2.4.ppc.rpm |