Re: Re: CVE request: Stack exhaustion in libxml2 parsing xml files in recover mode

["Murphy, Grant" <grant.murphy () hpe com>]

On 3/21/16, 7:58 AM, "cve-assign () mitre org" <cve-assign () mitre org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> > gdb --args xmllint --recover no-recover.xml
>
> > Program received signal SIGSEGV, Segmentation fault.
> > _int_malloc (av=0x7ffff7826760 <main_arena>, bytes=2) at malloc.c:3302
>
> Use CVE-2016-3627.
>
> > It was reported to the libxml2 bug tracker some
> > time ago but the maintainers are quite busy, so they haven't fixed it.
>
> It's typically useful to mention the bug number even if it isn't
> currently a public bug, in case correlation is needed later.

Looks like it was reported here:
https://bugzilla.gnome.org/show_bug.cgi?id=762100

> - -- 
> CVE Assignment Team
> M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
> [ A PGP key is available for encrypted communications at
>  http://cve.mitre.org/cve/request_id.html ]
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBCAAGBQJW8AsWAAoJEL54rhJi8gl58g4P/i/POnAJzcVBHPdk0svtHKl+
> +510uhal1JlA6r3y3AiDnqsaRM5TMzuzYs+0l9EA8ydM9nx0UMAOkA/1tHVl48P1
> cJcMMoHj/dv/pBBsAaSuJEr2VttXOn4gCuhhVOJQBc1g4sMYUNEdsn3dJ9HbyI6W
> sL2fkuGxXCMTl5at94lLJI+Hij8t+VrDSmS+0e+W7AvL4uDuyYH6b4Bcp4BmlX8l
> m52hCy9Y72MoSHeituWXLZZ75EIWdwy8ftTmjxpO08ZPR2YjUIiwDYBZKvfWCpFt
> aQc/FJrvygTbXtfvT6WUli8qrz1Q2EzYV5c1/jGSfh+0YaNJkvDdLsRlCE0qMm4L
> TnoZmD2boumgRmCLAwmqQrkCZeSh6I8ET/I6NHhor8f0LXEuVGOjjN1IJCJ2wRT7
> QGp7iejweiDoL1EioQg2pZij4BmG8jxy4XtJRZUBtJzt8yYfIP//z5Lm+3MwO7Uq
> UCscXaI0xpLAP4WW/kQTij9wVBnByu61USK7z96dytNcxYqmQhFhaBbUcT3phqwe
> JhwGxCONz1wDJG028cXD/r1DX/s/3dHLKWbSrg6zjETaBNTkuIgQBO6SJ9tPcRht
> /7T/LPgsNvuqydPksZWan1ytstfOhEDrl2pexJBgnwpt6QlsZnKtIScHDn3PNBND
> rpeM6ZE03EVFPNQRk0sK
> =1y/J
> -----END PGP SIGNATURE-----