The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Debian_linux | Debian | 7.0 (including) | 7.0 (including) |
Debian_linux | Debian | 8.0 (including) | 8.0 (including) |