oss-security - Crafted xml causes out of bound memory access

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Date: Thu, 22 Oct 2015 10:33:58 +0530
From: GAURAV GUPTA <ya1gaurav@...il.com>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Cc: veillard@...hat.com
Subject: Crafted xml causes out of bound memory access - Libxml2

Please assign cve for below reported vulnerability.
---------- Forwarded message ----------
From: "GAURAV GUPTA" <ya1gaurav@...il.com>
Date: Oct 22, 2015 10:12 AM
Subject: Crafted xml causes out of bound memory access - Libxml2
To: <cve-assign@...re.org>
Cc: <veillard@...hat.com>

Hello,
Please assign CVE for below vulnerability:

Description : Out of bound read in libxml2 with crafted xml input. It is
detected using Fuzzer - American fuzzy loop.

Reported discussion : https://bugzilla.gnome.org/show_bug.cgi?id=744980

Upstream Fixes :
1.
https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31

2.
https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489

Thanks.
-- 
Regards,
Gaurav Gupta

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.