The vulnerability of the xz_head function in the xzlib.c component of the Libxml2 library, related to a lack of resource allocation mechanism, allows attackers to cause service failures.

The vulnerability of the xzhead function in the xzlib.c component of the Libxml2 library is related to the lack of memory constraints. Exploiting this vulnerability allows a remote attacker to cause a service failure through the use of a specially created LZMA file...

libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

CVE-2017-18258

The CVE-2017-18258 entry affects libxml2: the xz_head function in xzlib.c (pre-2.9.6) allows remote attackers to cause a denial of service via crafted LZMA files by not restricting memory usage to a legitimate file. Impact is memory consumption/DoS; no exploit details are provided in the initial ...

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2015:0003-1)

This libxml2 update fixes the following security and non-security issues : - Fix a denial of service via recursive entity expansion. CVE-2014-3660, bnc901546, bgo738805 - Fix a regression in xzlib compression support. bnc908376 Note that Tenable Network Security has extracted the preceding...