CVE-2023-29469

CWE-415CWE-20Improper Input Validation14 documents10 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 78.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Xmlsoft Libxml2Debian Debian Linux
Timeline
PublishedApr 24
Latest updateJun 7

Description

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

NVDxmlsoft/libxml2< 2.10.4
Debianlibxml2< 2.9.10+dfsg-6.7+deb11u4+3
Ubuntulibxml2< 2.9.4+dfsg1-6.1ubuntu1.9+4
RubyGemsnokogiri< 1.14.3

Also affects: Debian Linux 10.0

🔴Vulnerability Details

6
CVEList
CVE-2023-29469: An issue was discovered in libxml2 before 22023-04-24
GHSA
GHSA-7jv7-hr35-fwjr: An issue was discovered in libxml2 before 22023-04-24
OSV
CVE-2023-29469: An issue was discovered in libxml2 before 22023-04-24
OSV
libxml2 vulnerabilities2023-04-19
OSV
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs2023-04-11

📋Vendor Advisories

7
Ubuntu
libxml2 vulnerabilities2023-06-07
Apple
CVE-2023-29469: macOS Ventura 13.42023-05-18
Apple
CVE-2023-29469: iOS 16.5 and iPadOS 16.52023-05-18
Ubuntu
libxml2 vulnerabilities2023-04-19
Red Hat
libxml2: Hashing of empty dict strings isn't deterministic2023-04-11
CVE-2023-29469 (MEDIUM CVSS 6.5) | An issue was discovered in libxml2 | cvebase.io