Bug 1159928 (CVE-2019-19956) - VUL-1: CVE-2019-19956: libxml2: xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
Summary: VUL-1: CVE-2019-19956: libxml2: xmlParseBalancedChunkMemoryRecover in parser....
Status: RESOLVED WONTFIX
Alias: CVE-2019-19956
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/249766/
Whiteboard: CVSSv3.1:SUSE:CVE-2019-19956:5.3:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-30 16:48 UTC by Marcus Meissner
Modified: 2023-05-02 16:04 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2019-12-30 16:48:48 UTC
CVE-2019-19956

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a
memory leak related to newDoc->oldNs.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956
https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
Comment 1 Marcus Meissner 2019-12-30 16:49:23 UTC
(small leak)
Comment 2 Pedro Monreal Gonzalez 2020-01-02 16:13:37 UTC
Looks like libxml2.SUSE_SLE-10-SP3_Update_Test is not affected.
Comment 7 Swamp Workflow Management 2020-05-22 22:26:28 UTC
openSUSE-SU-2020:0681-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1159928,1161517,1161521
CVE References: CVE-2019-19956,CVE-2019-20388,CVE-2020-7595
Sources used:
openSUSE Leap 15.1 (src):    libxml2-2.9.7-lp151.5.9.1, python-libxml2-python-2.9.7-lp151.5.9.1
Comment 12 Swamp Workflow Management 2020-09-11 13:18:27 UTC
SUSE-SU-2020:2609-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1159928,1161517,1161521,1172021,1176179
CVE References: CVE-2019-19956,CVE-2019-20388,CVE-2020-24977,CVE-2020-7595
JIRA References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    libxml2-2.9.4-46.34.1
SUSE Linux Enterprise Server 12-SP5 (src):    libxml2-2.9.4-46.34.1, python-libxml2-2.9.4-46.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2021-05-19 19:20:05 UTC
SUSE-SU-2021:14729-1: An update that fixes 9 vulnerabilities is now available.

Category: security (important)
Bug References: 1159928,1161517,1161521,1176179,1185408,1185409,1185410,1185698
CVE References: CVE-2014-0191,CVE-2019-19956,CVE-2019-20388,CVE-2020-24977,CVE-2020-7595,CVE-2021-3516,CVE-2021-3517,CVE-2021-3518,CVE-2021-3537
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    libxml2-2.7.6-0.77.36.1, libxml2-python-2.7.6-0.77.36.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    libxml2-2.7.6-0.77.36.1, libxml2-python-2.7.6-0.77.36.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libxml2-2.7.6-0.77.36.1, libxml2-python-2.7.6-0.77.36.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    libxml2-2.7.6-0.77.36.1, libxml2-python-2.7.6-0.77.36.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Matej Cepl 2021-11-12 07:21:04 UTC
The upstream ticket https://gitlab.gnome.org/GNOME/libxml2/-/issues/161 has been made public, and the result is clear. Entering NULL document as a parameter is apparently just not supported and it must be fixed in the programs using this library.

I suggest to close this bug as WONTFIX (because the problem is not in libxml2) or retargeting it to perl-XML-LibXML. Adding its maintainers to the CC of this bug.
Comment 16 Marcus Meissner 2023-05-02 16:04:51 UTC
done