CVE-2022-25313 — Uncontrolled Recursion in Project Libexpat

CWE-674 — Uncontrolled Recursion CWE-776 — XML Entity Expansion CWE-400 — Uncontrolled Resource Consumption9 documents8 sources

Severity

6.5MEDIUMNVD

OSV9.8

EPSS

0.1%

top 67.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libexpat Project Libexpat Siemens Sinema Remote Connect Server Debian Linux +3 more

Timeline

PublishedFeb 18

Latest updateMar 10

Description

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶NVDlibexpat_project/libexpat< 2.4.5

▶NVDsiemens/sinema_remote_connect_server< 3.1

▶NVDoracle/http_server12.2.1.3.0, 12.2.1.4.0+1

▶NVDoracle/zfs_storage_appliance_kit8.8

Also affects: Debian Linux 10.0, 11.0, Fedora 34, 35

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

expat vulnerabilities and regression↗2022-03-10

▶

GHSA

GHSA-3gf2-723m-w3fv: In Expat (aka libexpat) before 2↗2022-02-19

▶

OSV

CVE-2022-25313: In Expat (aka libexpat) before 2↗2022-02-18

▶

CVEList

CVE-2022-25313: In Expat (aka libexpat) before 2↗2022-02-18

▶

📋Vendor Advisories

Ubuntu

Expat vulnerabilities and regression↗2022-03-10

▶

Red Hat

expat: Stack exhaustion in doctype parsing↗2022-02-19

▶

Microsoft

In Expat (aka libexpat) before 2.4.5 an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.↗2022-02-08

▶

Debian

CVE-2022-25313: expat - In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion i...↗2022

▶