Vigil@nce: libxml, denials of service
August 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can create malformed XML data, in order to generate a
denial of service in applications linked to libxml.
Severity: 2/4
Consequences: denial of service of service, denial of service of
client
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 11/08/2009
IMPACTED PRODUCTS
– Debian Linux
– Fedora
– Mandriva Corporate
– Mandriva Enterprise Server
– Mandriva Linux
– Novell Linux Desktop
– Novell Open Enterprise Server
– OpenSUSE
– Red Hat Enterprise Linux
– SUSE Linux Enterprise Server
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The libxml/libxml2 library implements a XML parser. It is impacted
by two vulnerabilities.
A malicious DTD document generates an infinite recursion, which
fills the stack, and stop the application. This vulnerability is
different from VIGILANCE-VUL-8926 (https://vigilance.fr/tree/1/8926).
[grav:2/4; CVE-2009-2414]
An XML document, containing Notation and Enumeration attribute
types, forces the usage of freed memory, which stops the
application. [grav:2/4; CVE-2009-2416]
An attacker can therefore create malformed XML data, in order to
generate a denial of service in applications linked to libxml.
CHARACTERISTICS
Identifiers: BID-36010, CVE-2009-2414, CVE-2009-2416, DSA 1859-1,
DSA-1861-1, FEDORA-2009-8491, FEDORA-2009-8498, FEDORA-2009-8580,
FEDORA-2009-8582, FEDORA-2009-8594, FICORA #245608,
MDVSA-2009:200, RHSA-2009:1206-01, SUSE-SR:2009:013,
VIGILANCE-VUL-8930
http://vigilance.fr/vulnerability/libxml-denials-of-service-8930