The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7302-1 advisory.

    It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use     this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary     code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2022-49043)

    It was discovered that the libxml2 xmllint tool incorrectly handled certain memory operations. If a user     or automated system were tricked into running xmllint on a specially crafted xml file, a remote attacker     could cause xmllint to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS,     Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2024-34459)

    It was discovered that libxml2 did not properly manage memory. An attacker could possibly use this issue     to cause a denial of service or execute arbitrary code. (CVE-2024-56171)

    It was discovered that libxml2 could be made to write out of bounds. An attacker could possibly use this     issue to cause a denial of service or execute arbitrary code. (CVE-2025-24928)

    It was discovered that libxml2 could be made to dereference invalid memory. An attacker could possibly use     this issue to cause a denial of service. (CVE-2025-27113)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : libxml2 vulnerabilities (USN-7302-1)

critical Nessus Plugin ID 216780

Version 1.5