CVE-2024-56171: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
apple	ios_18.4_and_ipados	—	—
apple	ipados	—	—
apple	macos_sequoia	—	—
apple	macos_sonoma	—	—
apple	macos_ventura	—	—
apple	tvos	—	—
apple	visionos	—	—
apple	watchos	—	—
debian	libxml2	< libxml2 2.9.14+dfsg-1.3~deb12u2 (bookworm)	libxml2 2.9.14+dfsg-1.3~deb12u2 (bookworm)
msrc	azl3_libxml2_2.11.5-4_on_azure_linux_3.0	—	—
msrc	azl3_libxml2_2.11.5-5_on_azure_linux_3.0	—	—
msrc	cbl2_libxml2_2.10.4-6_on_cbl_mariner_2.0	—	—
netapp	ontap	—	—
nokogiri	nokogiri	>= 0 < 1.18.3	1.18.3
xmlsoft	libxml2	< 2.12.10	2.12.10
xmlsoft	libxml2	>= 0 < 2.9.10+dfsg-6.7+deb11u6	2.9.10+dfsg-6.7+deb11u6
xmlsoft	libxml2	>= 0 < 2.9.14+dfsg-1.3~deb12u2	2.9.14+dfsg-1.3~deb12u2
xmlsoft	libxml2	>= 0 < 2.12.7+dfsg+really2.9.14-0.4	2.12.7+dfsg+really2.9.14-0.4
xmlsoft	libxml2	>= 0 < 2.12.7+dfsg+really2.9.14-0.4	2.12.7+dfsg+really2.9.14-0.4
xmlsoft	libxml2	>= 0 < 2.9.10+dfsg-5ubuntu0.20.04.9	2.9.10+dfsg-5ubuntu0.20.04.9
xmlsoft	libxml2	>= 0 < 2.9.13+dfsg-1ubuntu0.6	2.9.13+dfsg-1ubuntu0.6
xmlsoft	libxml2	>= 0 < 2.9.14+dfsg-1.3ubuntu3.2	2.9.14+dfsg-1.3ubuntu3.2
xmlsoft	libxml2	>= 0 < 2.9.1+dfsg1-3ubuntu4.13+esm7	2.9.1+dfsg1-3ubuntu4.13+esm7
xmlsoft	libxml2	>= 0 < 2.9.3+dfsg1-1ubuntu0.7+esm7	2.9.3+dfsg1-1ubuntu0.7+esm7
xmlsoft	libxml2	>= 0 < 2.9.4+dfsg1-6.1ubuntu1.9+esm2	2.9.4+dfsg1-6.1ubuntu1.9+esm2

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

ghsa9.8CRITICAL

osv9.8CRITICAL