Bug 972335 - (CVE-2016-3627) VUL-0: CVE-2016-3627: libxml2: stack exhaustion while parsing xml files in recovery mode
(CVE-2016-3627)
VUL-0: CVE-2016-3627: libxml2: stack exhaustion while parsing xml files in re...
Status: RESOLVED FIXED
: CVE-2016-9596 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/163691/
CVSSv2:RedHat:CVE-2016-3627:4.3:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-23 12:27 UTC by Victor Pereira
Modified: 2019-08-16 17:14 UTC (History)
7 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2016-03-23 12:27:58 UTC
rh#1319829

A vulnerability was found in a way libxml2 parses certain files. With the libxml2 in recovery mode, a maliciously crafted filed could cause libxml2 to crash.


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1319829
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627
http://seclists.org/oss-sec/2016/q1/683
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-3627.html
Comment 1 Swamp Workflow Management 2016-03-23 23:00:23 UTC
bugbot adjusting priority
Comment 2 Kristyna Streitova 2016-04-07 12:02:27 UTC
Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=762100
Comment 3 Vítězslav Čížek 2016-04-14 12:02:23 UTC
Created attachment 672971 [details]
Reproducer from Gustavo Grieco.
Comment 8 Simon Lees 2016-04-15 02:34:10 UTC
This issue defiantly isn't as severe as first thought, It is a DOS attack but it can only take place against applications that attempt to recover from invalid xml, hopefully the only applications using this and accepting untrusted input are development tools, but I guess we never can be sure.
Comment 19 Swamp Workflow Management 2016-04-22 08:31:31 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2016-05-06.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62650
Comment 20 Swamp Workflow Management 2016-05-03 17:23:41 UTC
SUSE-SU-2016:1204-1: An update that solves one vulnerability and has one errata is now available.

Category: security (moderate)
Bug References: 972335,975947
CVE References: CVE-2016-3627
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libxml2-2.9.1-20.1
SUSE Linux Enterprise Software Development Kit 12 (src):    libxml2-2.9.1-20.1
SUSE Linux Enterprise Server 12-SP1 (src):    libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1
SUSE Linux Enterprise Server 12 (src):    libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1
SUSE Linux Enterprise Desktop 12 (src):    libxml2-2.9.1-20.1, python-libxml2-2.9.1-20.1
Comment 21 Swamp Workflow Management 2016-05-03 17:24:09 UTC
SUSE-SU-2016:1205-1: An update that solves one vulnerability and has one errata is now available.

Category: security (moderate)
Bug References: 972335,975947
CVE References: CVE-2016-3627
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    libxml2-2.7.6-0.40.1
SUSE Linux Enterprise Server 11-SP4 (src):    libxml2-2.7.6-0.40.1, libxml2-python-2.7.6-0.40.3
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libxml2-2.7.6-0.40.1, libxml2-python-2.7.6-0.40.3
Comment 22 Swamp Workflow Management 2016-05-13 12:08:22 UTC
openSUSE-SU-2016:1298-1: An update that solves one vulnerability and has one errata is now available.

Category: security (moderate)
Bug References: 972335,975947
CVE References: CVE-2016-3627
Sources used:
openSUSE Leap 42.1 (src):    libxml2-2.9.1-16.1, python-libxml2-2.9.1-16.1
Comment 24 Sebastian Krahmer 2016-05-25 07:32:48 UTC
released
Comment 26 Swamp Workflow Management 2016-05-30 17:10:15 UTC
openSUSE-SU-2016:1446-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 962796,972335,975947
CVE References: CVE-2016-3627,CVE-2016-3705
Sources used:
openSUSE 13.2 (src):    libxml2-2.9.3-7.11.1, python-libxml2-2.9.3-7.11.1
Comment 27 Swamp Workflow Management 2016-06-16 11:08:29 UTC
openSUSE-SU-2016:1594-1: An update that solves 12 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 972335,975947,978395,981040,981041,981108,981109,981110,981111,981112,981114,981115,983288
CVE References: CVE-2016-1762,CVE-2016-1833,CVE-2016-1834,CVE-2016-1835,CVE-2016-1836,CVE-2016-1837,CVE-2016-1838,CVE-2016-1839,CVE-2016-1840,CVE-2016-3627,CVE-2016-3705,CVE-2016-4483
Sources used:
openSUSE 13.2 (src):    libxml2-2.9.4-7.17.1, python-libxml2-2.9.4-7.17.1
Comment 28 Marcus Meissner 2017-02-20 10:15:03 UTC
*** Bug 1026099 has been marked as a duplicate of this bug. ***