CVE-2023-39615

2023-08-2900:00:00

ubuntu.com

xmlsoft libxml2

version 2.11.0

out-of-bounds read

denial of service

crafted xml file

vulnerability

security issue

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

DISPUTED Xmlsoft Libxml2 v2.11.0 was discovered to contain an
out-of-bounds read via the xmlSAX2StartElement() function at
/libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of
Service (DoS) via supplying a crafted XML file. NOTE: the vendor’s position
is that the product does not support the legacy SAX1 interface with custom
callbacks; there is a crash even without crafted input.

Notes

Author	Note
ccdm94	as explained by upstream in issue #535, this is not considered a security issue, but, instead, a mode of operation that was not working properly, regardless of the input provided. It is also not possible to reproduce the issue in versions older than 2.11.0, meaning, no Ubuntu releases as of 2022-11-21 would allow this, the provided PoC not being able to generate the crash on these releases.