Ubuntu Security Notice USN-6579-1
==========================================================================
Ubuntu Security Notice USN-6579-1
January 11, 2024
xerces-c vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Xerces-C++ could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- xerces-c: Validating XML parser written in a portable subset of C++
Details:
It was discovered that Xerces-C++ was not properly handling memory
management operations when parsing XML data containing external DTDs,
which could trigger a use-after-free error. If a user or automated system
were tricked into processing a specially crafted XML document, an attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libxerces-c-samples 3.2.0+debian-2ubuntu0.1~esm2
  libxerces-c3.2 3.2.0+debian-2ubuntu0.1~esm2
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libxerces-c-samples 3.1.3+debian-1ubuntu0.1~esm2
  libxerces-c3.1 3.1.3+debian-1ubuntu0.1~esm2
Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  libxerces-c-samples 3.1.1-5.1+deb8u4ubuntu0.1~esm1
  libxerces-c3.1 3.1.1-5.1+deb8u4ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6579-1
CVE-2018-1311
Related news
Ubuntu Security Notice 6590-1 - It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 6579-2 - USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.