Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6579-2

Ubuntu Security Notice 6579-2 - USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Packet Storm
#vulnerability#ubuntu#debian#dos#c++#perl

==========================================================================
Ubuntu Security Notice USN-6579-2
January 16, 2024

xerces-c vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 23.10
  • Ubuntu 23.04
  • Ubuntu 22.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 20.04 LTS

Summary:

Xerces-C++ could be made to crash or run programs if it opened a specially
crafted file.

Software Description:

  • xerces-c: Validating XML parser written in a portable subset of C++

Details:

USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the
corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04
and Ubuntu 23.10.

Original advisory details:

It was discovered that Xerces-C++ was not properly handling memory
management operations when parsing XML data containing external DTDs,
which could trigger a use-after-free error. If a user or automated system
were tricked into processing a specially crafted XML document, an attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
libxerces-c-samples 3.2.4+debian-1ubuntu0.23.10.1
libxerces-c3.2 3.2.4+debian-1ubuntu0.23.10.1

Ubuntu 23.04:
libxerces-c-samples 3.2.4+debian-1ubuntu0.23.04.1
libxerces-c3.2 3.2.4+debian-1ubuntu0.23.04.1

Ubuntu 22.04 LTS (Available with Ubuntu Pro):
libxerces-c-samples 3.2.3+debian-3ubuntu0.1~esm1
libxerces-c3.2 3.2.3+debian-3ubuntu0.1~esm1

Ubuntu 20.04 LTS:
libxerces-c-samples 3.2.2+debian-1ubuntu0.1
libxerces-c3.2 3.2.2+debian-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6579-2
https://ubuntu.com/security/notices/USN-6579-1
CVE-2018-1311

Package Information:
https://launchpad.net/ubuntu/+source/xerces-c/3.2.4+debian-1ubuntu0.23.10.1
https://launchpad.net/ubuntu/+source/xerces-c/3.2.4+debian-1ubuntu0.23.04.1
https://launchpad.net/ubuntu/+source/xerces-c/3.2.2+debian-1ubuntu0.1

Related news

Ubuntu Security Notice USN-6590-1

Ubuntu Security Notice 6590-1 - It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6579-1

Ubuntu Security Notice 6579-1 - It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2022-32263: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.

CVE-2022-26657: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-27931: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-27937: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.

CVE-2022-29085: DSA-2022-021: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

CVE-2022-21363: Oracle Critical Patch Update Advisory - January 2022

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2018-1311: 'Xerces-C Security Advisory [CVE-2018-1311]' - MARC

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.

Packet Storm: Latest News

WordPress Really Simple Security Authentication Bypass