PT-2018-2348 · Libxml2+5 · Libxml2+5

Sam Fowler

·

Publicado

2018-06-18

·

Atualizado

2026-03-13

·

CVE-2018-14404

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.9
Description The issue is related to a NULL pointer dereference vulnerability in the xpath.c:xmlXPathCompOpEval() function of libxml2. This vulnerability can be exploited by a remote attacker, allowing them to cause a denial of service. The vulnerability occurs when parsing an invalid XPath expression in the XPATH OP AND or XPATH OP OR case. Applications that process untrusted XSL format inputs using the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
Recommendations For libxml2 versions prior to 2.9.9, update to version 2.9.9 or later to resolve the issue. As a temporary workaround, consider restricting the use of the xpath.c:xmlXPathCompOpEval() function when parsing untrusted XSL format inputs until a patch is available.

Exploit

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALT-PU-2019-1924
ALT-PU-2019-3079
BDU:2019-00518
CESA-2020_1190
CESA-2020_1827
CVE-2018-14404
DLA-1524-1
DLA-2369-1
GHSA-6QVP-R6R3-9P7H
MGASA-2019-0047
OPENSUSE-SU-2018_3107-1
OPENSUSE-SU-2018_3110-1
OPENSUSE-SU-2019:0185-1
OPENSUSE-SU-2019_0185-1
OPENSUSE-SU-2024:10589-1
OPENSUSE-SU-2024:11016-1
OPENSUSE-SU-2024:11340-1
OPENSUSE-SU-2024:11912-1
OPENSUSE-SU-2024:13165-1
OPENSUSE-SU-2024:14174-1
OPENSUSE-SU-2025:14697-1
OPENSUSE-SU-2026:10356-1
RHSA-2020:1190
RHSA-2020:1827
RHSA-2020_1190
RHSA-2020_1827
SUSE-SU-2018:3080-1
SUSE-SU-2018:3081-1
SUSE-SU-2018_3080-1
SUSE-SU-2019:0272-1
SUSE-SU-2019:13985-1
SUSE-SU-2019_0272-1
USN-3739-1
USN-3739-2

Produtos afetados

Alt Linux
Centos
Red Hat
Suse
Ubuntu
Libxml2