UBUNTU-CVE-2017-9047

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2017-9047

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-9047.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-9047

Related

Published

2017-05-18T00:00:00Z

Modified

2017-05-18T00:00:00Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XMLELEMENTCONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.

References

Affected packages

Ubuntu:14.04:LTS / libxml2

Package

Name: libxml2
Purl: pkg:deb/ubuntu/libxml2?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.1+dfsg1-3ubuntu4.10

Affected versions

2.*

2.9.1+dfsg1-3ubuntu2

2.9.1+dfsg1-3ubuntu3

2.9.1+dfsg1-3ubuntu4

2.9.1+dfsg1-3ubuntu4.1

2.9.1+dfsg1-3ubuntu4.2

2.9.1+dfsg1-3ubuntu4.3

2.9.1+dfsg1-3ubuntu4.4

2.9.1+dfsg1-3ubuntu4.5

2.9.1+dfsg1-3ubuntu4.6

2.9.1+dfsg1-3ubuntu4.7

2.9.1+dfsg1-3ubuntu4.8

2.9.1+dfsg1-3ubuntu4.9

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-dbg"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-dbgsym"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-dev"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-dev-dbgsym"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-doc"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-udeb"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-udeb-dbgsym"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-utils"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-utils-dbg"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "libxml2-utils-dbgsym"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "python-libxml2"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "python-libxml2-dbg"
        },
        {
            "binary_version": "2.9.1+dfsg1-3ubuntu4.10",
            "binary_name": "python-libxml2-dbgsym"
        }
    ]
}

Ubuntu:16.04:LTS / libxml2

Package

Name: libxml2
Purl: pkg:deb/ubuntu/libxml2?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.3+dfsg1-1ubuntu0.3

Affected versions

2.*

2.9.2+zdfsg1-4

2.9.2+zdfsg1-4ubuntu1

2.9.2+zdfsg1-4ubuntu2

2.9.2+zdfsg1-4ubuntu3

2.9.3+dfsg1-1

2.9.3+dfsg1-1ubuntu0.1

2.9.3+dfsg1-1ubuntu0.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-dbg"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-dbgsym"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-dev"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-dev-dbgsym"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-doc"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-udeb"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-udeb-dbgsym"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-utils"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-utils-dbg"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "libxml2-utils-dbgsym"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "python-libxml2"
        },
        {
            "binary_version": "2.9.3+dfsg1-1ubuntu0.3",
            "binary_name": "python-libxml2-dbg"
        }
    ]
}