CVE-2016-3705: The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which…

high7.5CVSS 3.0

AVNACLPRNUINSUCNINAH

The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

Affected

18 ranges

Vendor	Product	Version range	Fixed in
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	libxml2	< libxml2 2.9.3+dfsg1-1.1 (bookworm)	libxml2 2.9.3+dfsg1-1.1 (bookworm)
debian	libxml2	—	—
hp	icewall_federation_agent	—	—
hp	icewall_file_manager	—	—
opensuse	leap	—	—
red_hat	libxml2	—	—
xmlsoft	libxml2	—	—
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1.1	2.9.3+dfsg1-1.1
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1.1	2.9.3+dfsg1-1.1
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1.1	2.9.3+dfsg1-1.1
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1.1	2.9.3+dfsg1-1.1
xmlsoft	libxml2	>= 0 < 2.9.1+dfsg1-3ubuntu4.8	2.9.1+dfsg1-3ubuntu4.8
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1ubuntu0.1	2.9.3+dfsg1-1ubuntu0.1

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH