https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961

https://bugzilla.gnome.org/show_bug.cgi?id=759579

http://xmlsoft.org/news.html

[debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update

https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

USN-3739-1

[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - A remote code execution vulnerability in libxml2 could     enable an attacker using a specially crafted file to     execute arbitrary code within the context of an     unprivileged process. This issue is rated as High due     to the possibility of remote code execution in an     application that uses this library. Product: Android.
    Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,     7.1.2. Android ID: A-37104170.(CVE-2017-0663)

  - parser.c in libxml2 before 2.9.5 mishandles     parameter-entity references because the NEXTL macro     calls the xmlParserHandlePEReference function in the     case of a '%' character in a DTD name.(CVE-2017-16931)

  - parser.c in libxml2 before 2.9.5 does not prevent     infinite recursion in parameter     entities.(CVE-2017-16932)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to its version, the ClamAV clamd antivirus daemon running on the remote host is prior to 0.100.1. It is, therefore, affected by multiple vulnerabilities.

Joel Esler reports :

3 security fixes in this release :

- CVE-2017-16932: Vulnerability in libxml2 dependency (affects ClamAV on Windows only).

- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability.
Reported by Secunia Research at Flexera.

- CVE-2018-0361: ClamAV PDF object length check, unreasonably long time to parse relatively small file. Report ed by aCaB.

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - Use-after-free vulnerability in libxml2 through 2.9.4,     as used in Google Chrome before 52.0.2743.82, allows     remote attackers to cause a denial of service or     possibly have unspecified other impact via vectors     related to the XPointer range-to     function.(CVE-2016-5131)

  - parser.c in libxml2 before 2.9.5 mishandles     parameter-entity references because the NEXTL macro     calls the xmlParserHandlePEReference function in the     case of a '%' character in a DTD name.(CVE-2017-16931)

  - parser.c in libxml2 before 2.9.5 does not prevent     infinite recursion in parameter     entities.)CVE-2017-16932)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - Use-after-free vulnerability in libxml2 through 2.9.4,     as used in Google Chrome before 52.0.2743.82, allows     remote attackers to cause a denial of service or     possibly have unspecified other impact via vectors     related to the XPointer range-to     function.(CVE-2016-5131)

  - parser.c in libxml2 before 2.9.5 mishandles     parameter-entity references because the NEXTL macro     calls the xmlParserHandlePEReference function in the     case of a '%' character in a DTD name.(CVE-2017-16931)

  - parser.c in libxml2 before 2.9.5 does not prevent     infinite recursion in parameter     entities.)CVE-2017-16932)

  - A flaw in libxml2 allows remote XML entity inclusion     with default parser flags (i.e., when the caller did     not request entity substitution, DTD validation,     external DTD subset loading, or default DTD     attributes). Depending on the context, this may expose     a higher-risk attack surface in libxml2 not usually     reachable with default parser flags, and expose content     from local files, HTTP, or FTP servers (which might be     otherwise unreachable).(CVE-2017-7375)

  - Buffer overflow in libxml2 allows remote attackers to     execute arbitrary code by leveraging an incorrect limit     for port values when handling redirects.(CVE-2017-7376)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for libxml2 fixes several issues. Theses security issues were fixed :

  - CVE-2017-16932: Fixed infinite recursion could lead to     an infinite loop or memory exhaustion when expanding a     parameter entity in a DTD (bsc#1069689).

  - CVE-2017-15412: Prevent use after free when calling     XPath extension functions that allowed remote attackers     to cause DoS or potentially RCE (bsc#1077993)

  - CVE-2016-5131: Use-after-free vulnerability in libxml2     allowed remote attackers to cause a denial of service or     possibly have unspecified other impact via vectors     related to the XPointer range-to function. (bsc#1078813)

  - CVE-2017-5130: Fixed a potential remote buffer overflow     in function xmlMemoryStrdup() (bsc#1078806)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.

CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.

For Debian 7 'Wheezy', these problems have been fixed in version 2.8.0+dfsg1-7+wheezy11.

We recommend that you upgrade your libxml2 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
117567	EulerOS Virtualization 2.5.0 : libxml2 (EulerOS-SA-2018-1258)	Nessus	Huawei Local Security Checks	critical
117566	EulerOS Virtualization 2.5.1 : libxml2 (EulerOS-SA-2018-1257)	Nessus	Huawei Local Security Checks	critical
111517	ClamAV < 0.100.1 Multiple Vulnerabilities	Nessus	Misc.	high
110970	FreeBSD : clamav -- multiple vulnerabilities (d1e9d8c5-839b-11e8-9610-9c5c8e75236a)	Nessus	FreeBSD Local Security Checks	high
110732	EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)	Nessus	Huawei Local Security Checks	critical
109487	EulerOS 2.0 SP2 : libxml2 (EulerOS-SA-2018-1089)	Nessus	Huawei Local Security Checks	critical
109486	EulerOS 2.0 SP1 : libxml2 (EulerOS-SA-2018-1088)	Nessus	Huawei Local Security Checks	critical
106707	SUSE SLES11 Security Update : libxml2 (SUSE-SU-2018:0395-1)	Nessus	SuSE Local Security Checks	high
105037	Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3504-1)	Nessus	Ubuntu Local Security Checks	high
104936	Debian DLA-1194-1 : libxml2 security update	Nessus	Debian Local Security Checks	critical

CVE-2017-16932

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

high

high

critical

critical

critical

high

high

critical