CVE-2019-13118

Published: 1 July 2019

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
libxslt Launchpad, Ubuntu, Debian	bionic	Released (1.1.29-5ubuntu0.2)
	cosmic	Ignored (reached end-of-life)
	disco	Released (1.1.32-2ubuntu0.2)
	eoan	Not vulnerable
	precise	Released (1.1.26-8ubuntu1.6)
	trusty	Released (1.1.28-2ubuntu0.2+esm1)
	upstream	Needs triage
	xenial	Released (1.1.28-2.1ubuntu0.3)
	Patches: upstream: https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118
https://oss-fuzz.com/testcase-detail/5197371471822848
https://ubuntu.com/security/notices/USN-4164-1
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›