CVE-2023-29469

Published: Apr 24, 2023Modified: Feb 4, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

Affected (2)

Products: Xmlsoft: Libxml2 · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Xmlsoft Libxml2	Before 2.10.4

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (8)

https://gitlab.gnome.org/GNOME/libxml2/-/issues/510

Source: cve@mitre.org

Issue TrackingVendor Advisory

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4

Source: cve@mitre.org

Release Notes

https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20230601-0006/

Source: cve@mitre.org

https://gitlab.gnome.org/GNOME/libxml2/-/issues/510

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4

Source: af854a3a-2127-422b-91ae-364da2661108

Release Notes

https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20230601-0006/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.