[Bug 1234819] New: VUL-0: CVE-2024-40896: chromium: libxml2: XXE vulnerability

https://bugzilla.suse.com/show_bug.cgi?id=1234819

Bug ID: 1234819
Summary: VUL-0: CVE-2024-40896: chromium: libxml2: XXE vulnerability
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.5
Hardware: Other
URL: https://smash.suse.de/issue/433718/
OS: Other
Status: NEW
Whiteboard: CVSSv3.1:SUSE:CVE-2024-40896:8.6:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
Severity: Major
Priority: P5 - None
Component: Security
Assignee: ro@suse.com
Reporter: andrea.mattiazzo@suse.com
QA Contact: security-team@suse.de
Blocks: 1234812
Target Milestone: ---
Found By: ---
Blocker: ---

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-40896
https://www.cve.org/CVERecord?id=CVE-2024-40896
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a8932303969907f6572b1b6aac4...
https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
https://github.com/CVEProject/cvelistV5/blob/main//cves/2024/40xxx/CVE-2024-...
https://bugzilla.redhat.com/show_bug.cgi?id=2333871

--
You are receiving this mail because:
You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1234819
https://bugzilla.suse.com/show_bug.cgi?id=1234819#c1

--- Comment #1 from Andrea Mattiazzo <andrea.mattiazzo@suse.com> ---
The packages below are or contain embedded packages that are vulnerable to CVE-2024-40896:

- openSUSE:Backports:SLE-15-SP5:Update/chromium contains embedded package: libxml2 (2.13.0-27-g669bd34)
- openSUSE:Backports:SLE-15-SP6/chromium contains embedded package: libxml2 (2.12.0-238-gc444c96)
- openSUSE:Backports:SLE-15-SP6:Update/chromium contains embedded package: libxml2 (2.13.0-27-g669bd34)
- openSUSE:Factory/chromium contains embedded package: libxml2 (2.13.0-27-g669bd34)

Please consider version bumping or patching the affected dependencies.

The listed codestreams are affected. All other codestreams should not be affected, but feel free to double-check.

This is an auto-generated message, please reach out to the reporter directly if you think this is incorrect.

https://bugzilla.suse.com/show_bug.cgi?id=1234819

SMASH SMASH <smash_bz@suse.de> changed:

What     | Removed   | Added
---------+-----------+------------
Priority | P5 - None | P3 - Medium

https://bugzilla.suse.com/show_bug.cgi?id=1234819
https://bugzilla.suse.com/show_bug.cgi?id=1234819#c2

--- Comment #2 from Ruediger Oertel <ro@suse.com> ---
chromium is not using the embedded libxml2 but the system one.

    ldd /usr/lib64/chromium/chrome | grep xml
        libxml2.so.2 => /usr/lib64/libxml2.so.2 (0x00007f979d895000)

so this simply falls back to updating the system copy.
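The two checks this thread turns on, as an added example (not part of the original mails and not SUSE's tooling): classifying a libxml2 version string against the ranges in the CVE description, and reading from `ldd` output which libxml2 a binary resolves at load time. The function names are hypothetical, and ignoring the git-describe suffix of the version is an assumption.

```shell
#!/bin/sh
# Added example: triage helpers for CVE-2024-40896 (hypothetical names).

# First fixed patch level per branch, taken from the CVE description above.
fixed_patch_for_branch() {
    case "$1" in
        2.11|2.12) echo 9 ;;
        2.13)      echo 3 ;;
        *)         return 1 ;;   # branch not named in the advisory text
    esac
}

# Prints affected | fixed | unlisted | unparsable for a version such as
# "2.13.0-27-g669bd34". Assumption: the git-describe suffix (-N-g<hash>)
# is ignored, so only the base tag decides.
libxml2_cve_status() {
    base=${1%%-*}
    case "$base" in
        *.*.*) ;;
        *) echo unparsable; return 0 ;;
    esac
    major=${base%%.*}; rest=${base#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    for part in "$major" "$minor" "$patch"; do
        case "$part" in ''|*[!0-9]*) echo unparsable; return 0 ;; esac
    done
    if fixed=$(fixed_patch_for_branch "$major.$minor"); then
        if [ "$patch" -lt "$fixed" ]; then echo affected; else echo fixed; fi
    else
        echo unlisted    # the page makes no statement about this branch
    fi
}

# Reads `ldd <binary>` output on stdin and prints the path the dynamic
# linker resolves for libxml2. Empty output means there is no dynamic
# libxml2 dependency, so a bundled copy, if present, would be the one in use.
linked_libxml2_path() {
    awk '$1 ~ /^libxml2\.so/ && $2 == "=>" { print $3; exit }'
}

# Constructed demo input: versions from comment #1, ldd line from comment #2.
for v in 2.13.0-27-g669bd34 2.12.0-238-gc444c96 2.13.3; do
    printf '%s: %s\n' "$v" "$(libxml2_cve_status "$v")"
done
printf '\tlibxml2.so.2 => /usr/lib64/libxml2.so.2 (0x00007f979d895000)\n' |
    linked_libxml2_path
```

When `linked_libxml2_path` prints a system path, the version to classify is the one of the package that owns that file, not the version of the source tree bundled with the application.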

https://bugzilla.suse.com/show_bug.cgi?id=1234819
https://bugzilla.suse.com/show_bug.cgi?id=1234819#c3

Andrea Mattiazzo <andrea.mattiazzo@suse.com> changed:

What       | Removed | Added
-----------+---------+---------
Resolution | ---     | INVALID
Status     | NEW     | RESOLVED

--- Comment #3 from Andrea Mattiazzo <andrea.mattiazzo@suse.com> ---
Thanks, closing as INVALID