The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4991-1 advisory.

  - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of     service (buffer over-read) or information disclosure. (CVE-2017-8872)

  - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
    (CVE-2019-20388)

  - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at     libxml2/entities.c. The issue has been fixed in commit 50f06b3e. (CVE-2020-24977)

  - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted     file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to     confidentiality, integrity, and availability. (CVE-2021-3516)

  - There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker     who is able to supply a crafted file to be processed by an application linked with the affected     functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to     application availability, with some potential impact to confidentiality and integrity if an attacker is     able to use memory information to further exploit the application. (CVE-2021-3517)

  - There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to     be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact     from this flaw is to confidentiality, integrity, and availability. (CVE-2021-3518)

  - A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while     parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery     mode and post-validated, the flaw could be used to crash the application. The highest threat from this     vulnerability is to system availability. (CVE-2021-3537)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : libxml2 vulnerabilities (USN-4991-1)

critical Nessus Plugin ID 150858

Version 1.7