OSV-2022-1120 Heap-use-after-free in xmlXIncludeDoProcess

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52869 Crash type: Heap-use-after-free READ 4 Crash state: xmlXIncludeDoProcess xmlXIncludeProcessNode xmlTextReaderRead...

PT-2022-36730 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2021:1523-1)

This update for libxml2 fixes the following issues : CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. CVE-2021-3517: Fixed a heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. CVE-2021-3516: Fixed a use after free in...