openSUSE Security Update : libxml2 (openSUSE-2016-734)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update brings libxml2 to version 2.9.4.

These security issues were fixed :

- CVE-2016-3627: The xmlStringGetNodeList function in
tree.c, when used in recovery mode, allowed
context-dependent attackers to cause a denial of service
(infinite recursion, stack consumption, and application
crash) via a crafted XML document (bsc#972335).

- CVE-2016-1833: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1834,
CVE-2016-1836, CVE-2016-1837, CVE-2016-1838,
CVE-2016-1839, and CVE-2016-1840 (bsc#981108).

- CVE-2016-1835: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document
(bsc#981109).

- CVE-2016-1837: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1834, CVE-2016-1836, CVE-2016-1838,
CVE-2016-1839, and CVE-2016-1840 (bsc#981111).

- CVE-2016-1836: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1834, CVE-2016-1837, CVE-2016-1838,
CVE-2016-1839, and CVE-2016-1840 (bsc#981110).

- CVE-2016-1839: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1834, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, and CVE-2016-1840 (bsc#981114).

- CVE-2016-1838: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1834, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1839, and CVE-2016-1840 (bsc#981112).

- CVE-2016-1840: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1834, CVE-2016-1836, CVE-2016-1837,
CVE-2016-1838, and CVE-2016-1839 (bsc#981115).

- CVE-2016-4483: out-of-bounds read parsing an XML using
recover mode (bnc#978395).

- CVE-2016-1834: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document, a
different vulnerability than CVE-2016-1833,
CVE-2016-1836, CVE-2016-1837, CVE-2016-1838,
CVE-2016-1839, and CVE-2016-1840 (bsc#981041).

- CVE-2016-3705: The (1) xmlParserEntityCheck and (2)
xmlParseAttValueComplex functions in parser.c in libxml2
did not properly keep track of the recursion depth,
which allowed context-dependent attackers to cause a
denial of service (stack consumption and application
crash) via a crafted XML document containing a large
number of nested entity references (bsc#975947).

- CVE-2016-1762: libxml2 allowed remote attackers to
execute arbitrary code or cause a denial of service
(memory corruption) via a crafted XML document
(bsc#981040).

This non-security issue was fixed :

- bnc#983288: Fix attribute decoding during XML schema
validation

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=972335
https://bugzilla.opensuse.org/show_bug.cgi?id=975947
https://bugzilla.opensuse.org/show_bug.cgi?id=978395
https://bugzilla.opensuse.org/show_bug.cgi?id=981040
https://bugzilla.opensuse.org/show_bug.cgi?id=981041
https://bugzilla.opensuse.org/show_bug.cgi?id=981108
https://bugzilla.opensuse.org/show_bug.cgi?id=981109
https://bugzilla.opensuse.org/show_bug.cgi?id=981110
https://bugzilla.opensuse.org/show_bug.cgi?id=981111
https://bugzilla.opensuse.org/show_bug.cgi?id=981112
https://bugzilla.opensuse.org/show_bug.cgi?id=981114
https://bugzilla.opensuse.org/show_bug.cgi?id=981115
https://bugzilla.opensuse.org/show_bug.cgi?id=983288

Solution :

Update the affected libxml2 packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now