A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path=…/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the programs crash using libxml or other possible undefined behaviors.
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Enterprise Linux 10 | RedHat | libxml2-0:2.12.5-7.el10_0 | * |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | RedHat | libxml2-0:2.9.1-6.el7_9.10 | * |
Red Hat Enterprise Linux 8 | RedHat | libxml2-0:2.9.7-21.el8_10.1 | * |
Red Hat Enterprise Linux 8 | RedHat | libxml2-0:2.9.7-21.el8_10.1 | * |
Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | libxml2-0:2.9.7-9.el8_2.3 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | libxml2-0:2.9.7-9.el8_4.6 | * |
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | RedHat | libxml2-0:2.9.7-9.el8_4.6 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | libxml2-0:2.9.7-13.el8_6.10 | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | libxml2-0:2.9.7-13.el8_6.10 | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | libxml2-0:2.9.7-13.el8_6.10 | * |
Red Hat Enterprise Linux 8.8 Telecommunications Update Service | RedHat | libxml2-0:2.9.7-16.el8_8.9 | * |
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | RedHat | libxml2-0:2.9.7-16.el8_8.9 | * |
Red Hat Enterprise Linux 9 | RedHat | libxml2-0:2.9.13-10.el9_6 | * |
Red Hat Enterprise Linux 9 | RedHat | libxml2-0:2.9.13-10.el9_6 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | libxml2-0:2.9.13-1.el9_0.5 | * |
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | libxml2-0:2.9.13-3.el9_2.7 | * |
Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | libxml2-0:2.9.13-10.el9_4 | * |
Red Hat Insights proxy 1.5 | RedHat | registry.redhat.io/insights-proxy/insights-proxy-container-rhel9:sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d | * |
Libxml2 | Ubuntu | oracular | * |