Bug 1118927 - (CVE-2018-20005) VUL-0: CVE-2018-20005: mxml: use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Component: Security
Leap 15.1
Other Other
P3 - Medium : Minor
Leap 15.1
Assigned To: Marcus Rückert
E-mail List
https://smash.suse.de/issue/220533/
CVSSv3:SUSE:CVE-2018-20005:5.3:(AV:L/...
Reported: 2018-12-10 10:06 UTC by Marcus Meissner
Modified: 2020-10-21 09:22 UTC

Found By: Security Response Team


Attachments
heap-use-after-free_mxmlWalkNext (8.40 KB, application/octet-stream)
2018-12-10 10:08 UTC, Marcus Meissner

Description Marcus Meissner 2018-12-10 10:06:22 UTC
CVE-2018-20005

An issue has been found in Mini-XML (aka mxml) 2.12. It is a
use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by
mxmldoc.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20005
Comment 2 Marcus Meissner 2018-12-10 10:08:26 UTC
Created attachment 792276
heap-use-after-free_mxmlWalkNext

QA REPRODUCER:

mxmldoc ~/Downloads/heap-use-after-free_mxmlWalkNext >/dev/null 
Speicherzugriffsfehler

should not crash
Comment 3 Alexander Bergmann 2019-04-24 11:51:53 UTC
No upstream fix atm.
Comment 4 Alexander Bergmann 2019-07-22 09:19:51 UTC
Still no upstream fix.