First Last Prev Next    This bug is not in your last search results.
Bug 928193 - (CVE-2015-1819) VUL-1: CVE-2015-1819: libxml2: denial of service processing a crafted XML document
(CVE-2015-1819)
VUL-1: CVE-2015-1819: libxml2: denial of service processing a crafted XML doc...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/115807/
CVSSv2:NVD:CVE-2015-1819:5.0:(AV:N/AC...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-04-22 14:08 UTC by Andreas Stieger
Modified: 2016-01-22 09:19 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
upstream commit 213f1fe0d76d30eaed6e5853057defc43e6df2c9 (6.18 KB, patch)
2015-04-22 14:08 UTC, Andreas Stieger 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2015-04-22 14:08:04 UTC 
Created attachment 631978 [details]
upstream commit 213f1fe0d76d30eaed6e5853057defc43e6df2c9

rh#1211278

Florian Weimer from Red Hat reported an issue against libxml2, where a parser which uses libxml2 chokes on a crafted XML document, allocating gigabytes of data.
This is a fine line between API misuse and an libxml2 bug.
Daniel Veillard have a fix for this issue already.

Commit https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
Patch attached

A concern was raised by the same that the fix may not be correct:
https://bugzilla.gnome.org/show_bug.cgi?id=748278

There does not seem to be a reproducer.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1211278
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1819
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1819.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
Comment 1 Swamp Workflow Management 2015-04-22 22:01:00 UTC 
bugbot adjusting priority
Comment 3 SMASH SMASH 2015-11-30 12:15:50 UTC 
An update workflow for this issue was started.

This issue was rated as "low".
Please submit fixed packages until "Dec. 14, 2015".

When done, reassign the bug to "security-team@suse.de".
/update/121058/.
Comment 4 Hanns-Joachim Uhl 2015-12-02 13:31:43 UTC 
Hello SUSE,
... I got the following question from the field:
"
... we are using libxml2, version 2.7.x, so there is the potential that this 
CVE may apply. ...
"
... can you confirm that the CVE addressed in this bugzilla is also applicable
to the libxml2 2.7.x as included in SLES 11 SP3 ..?
Please advise ..
Thanks in advance for your support.
Comment 5 Kristyna Streitova 2015-12-04 10:26:27 UTC 
(In reply to Hanns-Joachim Uhl from comment #4)
> ... can you confirm that the CVE addressed in this bugzilla is also
> applicable to the libxml2 2.7.x as included in SLES 11 SP3 ..?

As there is no reproducer it's hard to say which versions are affected. However RH discovered this issue and they fixed it in their libxml2 2.7.6 [1]. So we can assume it's affected.

[1] https://rhn.redhat.com/errata/RHSA-2015-1419.html
Comment 9 Bernhard Wiedemann 2015-12-17 14:00:09 UTC 
This is an autogenerated message for OBS integration:
This bug (928193) was mentioned in
https://build.opensuse.org/request/show/349390 13.2+13.1 / libxml2
Comment 11 Swamp Workflow Management 2015-12-27 00:12:57 UTC 
openSUSE-SU-2015:2372-1: An update that fixes 14 vulnerabilities is now available.

Category: security (moderate)
Bug References: 928193,951734,951735,954429,956018,956021,956260,957105,957106,957107,957109,957110
CVE References: CVE-2014-0191,CVE-2014-3660,CVE-2015-1819,CVE-2015-5312,CVE-2015-7497,CVE-2015-7498,CVE-2015-7499,CVE-2015-7500,CVE-2015-7941,CVE-2015-7942,CVE-2015-8035,CVE-2015-8241,CVE-2015-8242,CVE-2015-8317
Sources used:
openSUSE 13.2 (src):    libxml2-2.9.3-7.4.1, python-libxml2-2.9.3-7.4.1
openSUSE 13.1 (src):    libxml2-2.9.3-2.19.1, python-libxml2-2.9.3-2.19.1
Comment 12 Swamp Workflow Management 2016-01-05 14:27:02 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2016-01-19.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62411
Comment 13 Swamp Workflow Management 2016-01-05 19:11:38 UTC 
SUSE-SU-2016:0030-1: An update that fixes 11 vulnerabilities is now available.

Category: security (moderate)
Bug References: 928193,951734,951735,956018,956021,956260,957105,957106,957107,957109,957110
CVE References: CVE-2015-1819,CVE-2015-5312,CVE-2015-7497,CVE-2015-7498,CVE-2015-7499,CVE-2015-7500,CVE-2015-7941,CVE-2015-7942,CVE-2015-8241,CVE-2015-8242,CVE-2015-8317
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    libxml2-2.7.6-0.34.1
SUSE Linux Enterprise Software Development Kit 11-SP3 (src):    libxml2-2.7.6-0.34.1
SUSE Linux Enterprise Server for VMWare 11-SP3 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Server 11-SP4 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Server 11-SP3 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Desktop 11-SP4 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Desktop 11-SP3 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    libxml2-2.7.6-0.34.1, libxml2-python-2.7.6-0.34.4
Comment 14 Swamp Workflow Management 2016-01-07 16:12:59 UTC 
SUSE-SU-2016:0049-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 928193,951734,951735,954429,956018,956021,956260,957105,957106,957107,957109,957110
CVE References: CVE-2015-1819,CVE-2015-5312,CVE-2015-7497,CVE-2015-7498,CVE-2015-7499,CVE-2015-7500,CVE-2015-7941,CVE-2015-7942,CVE-2015-8035,CVE-2015-8241,CVE-2015-8242,CVE-2015-8317
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libxml2-2.9.1-13.1
SUSE Linux Enterprise Software Development Kit 12 (src):    libxml2-2.9.1-13.1
SUSE Linux Enterprise Server 12-SP1 (src):    libxml2-2.9.1-13.1, python-libxml2-2.9.1-13.1
SUSE Linux Enterprise Server 12 (src):    libxml2-2.9.1-13.1, python-libxml2-2.9.1-13.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    libxml2-2.9.1-13.1, python-libxml2-2.9.1-13.1
SUSE Linux Enterprise Desktop 12 (src):    libxml2-2.9.1-13.1, python-libxml2-2.9.1-13.1
Comment 15 SMASH SMASH 2016-01-08 15:01:12 UTC 
An update workflow for this issue was started.

This issue was rated as "low".
Please submit fixed packages until "Jan. 22, 2016".

When done, reassign the bug to "security-team@suse.de".
/update/121235/.
Comment 16 SMASH SMASH 2016-01-08 15:06:00 UTC 
An update workflow for this issue was started.

This issue was rated as "low".
Please submit fixed packages until "Jan. 22, 2016".

When done, reassign the bug to "security-team@suse.de".
/update/62418/.
Comment 17 Swamp Workflow Management 2016-01-08 15:07:20 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2016-01-22.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62418
Comment 18 Swamp Workflow Management 2016-01-13 17:12:16 UTC 
openSUSE-SU-2016:0106-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 928193,951734,951735,954429,956018,956021,956260,957105,957106,957107,957109,957110
CVE References: CVE-2015-1819,CVE-2015-5312,CVE-2015-7497,CVE-2015-7498,CVE-2015-7499,CVE-2015-7500,CVE-2015-7941,CVE-2015-7942,CVE-2015-8035,CVE-2015-8241,CVE-2015-8242,CVE-2015-8317
Sources used:
openSUSE Leap 42.1 (src):    libxml2-2.9.1-10.1, python-libxml2-2.9.1-10.1
Comment 19 Andreas Stieger 2016-01-22 09:19:38 UTC 
All done, closing
First Last Prev Next    This bug is not in your last search results.