In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libxml2 | Xmlsoft | * | 2.10.4 (excluding) |
| Red Hat Enterprise Linux 8 | RedHat | libxml2-0:2.9.7-16.el8_8.1 | * |
| Red Hat Enterprise Linux 8 | RedHat | libxml2-0:2.9.7-16.el8_8.1 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | libxml2-0:2.9.7-13.el8_6.4 | * |
| Red Hat Enterprise Linux 9 | RedHat | libxml2-0:2.9.13-3.el9_2.1 | * |
| Red Hat Enterprise Linux 9 | RedHat | libxml2-0:2.9.13-3.el9_2.1 | * |
| Red Hat JBoss Core Services 1 | RedHat | libxml2 | * |
| Libxml2 | Ubuntu | bionic | * |
| Libxml2 | Ubuntu | esm-infra/xenial | * |
| Libxml2 | Ubuntu | focal | * |
| Libxml2 | Ubuntu | jammy | * |
| Libxml2 | Ubuntu | kinetic | * |
| Libxml2 | Ubuntu | lunar | * |
| Libxml2 | Ubuntu | trusty | * |
| Libxml2 | Ubuntu | trusty/esm | * |
| Libxml2 | Ubuntu | xenial | * |