Difference between revisions of "EGI CSIRT:Alerts/libxml2-2012-02-06"
Jump to navigation
Jump to search
imported>Mingchao (Created page with '<pre> ** WHITE information - Unlimited distribution allowed ** ** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions ** EGI CSIRT AD…') |
(Created page with '<pre> ** WHITE information - Unlimited distribution allowed ** ** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions ** EGI CSIRT AD…') |
(No difference)
|
Latest revision as of 18:16, 6 February 2012
** WHITE information - Unlimited distribution allowed ** ** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions ** EGI CSIRT ADVISORY [EGI-ADV-20120206] Title: MODERATE RISK - Multiple Vulnerabilities in the libxml (CVE-2012-3919 etc.) [EGI-ADV-20120206] Date: Feb. 06, 2012 Last update: Feb. 06, 2012 URL: https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/EGI-ADV-20120206 Introduction ============ The libxml2 library is a development toolbox providing the implementation of various XML standards and is widely used by many applications. Multiple vulnerabilities were found in libxml2 package. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2011-3919, CVE-2011-0216, CVE-2011-1944). Libxml2 shipped with RH4, 5 and 6 are affected. Patches from the Linux vendors are available (see reference). Details ======= At the moment we are not aware of any public exploit. The detail of some vulnerabilities such as CVE-2011-3919 might be made public in the future [http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html] Mitigation ========== There is no known mitigation solution. Please update system with patches from Linux vendors. Recommendations =============== These vulnerabilities exist. While no serious exploit is available yet, there is the potential for a remote command execution and privilege escalation. There is the possibility that this may escalate to become a 'High' or 'Critical' risk issue if such an exploit were to be developed, particularly if it lead to 'root' escalation. Hence it is *recommended* that sites update their systems as soon as is practical. References ========== RHEL4 update: https://rhn.redhat.com/errata/RHSA-2012-0016.html RHEL5 update: https://rhn.redhat.com/errata/RHSA-2012-0017.html RHEL6 update: https://rhn.redhat.com/errata/RHSA-2012-0018.html