CVE-2022-23852
Published: 24 January 2022
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Notes
Author | Note |
---|---|
sbeattie | paraview uses system expat xotcl uses system expat poco uses system expat gdcm uses system expat audacity uses system expat simgear uses system expat coin3 uses system expat as of 4.0.0~CMake~6f54f1602475+ds1-1 sitecopy uses system expat since 1:0.16.0-1 (dapper!) |
rodrigo-zaiden | libxmltok does not include EXPAT_SAFE_PTR_DIFF method, so it is not affected. |
Priority
Status
Package | Release | Status |
---|---|---|
apache2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Not vulnerable
(code-not-compiled)
|
|
impish |
Not vulnerable
(code-not-compiled)
|
|
jammy |
Not vulnerable
(code-not-compiled)
|
|
kinetic |
Not vulnerable
(code-not-compiled)
|
|
lunar |
Not vulnerable
(code-not-compiled)
|
|
trusty |
Not vulnerable
(code-not-compiled)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
apr-util Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Not vulnerable
(code-not-compiled)
|
|
impish |
Not vulnerable
(code-not-compiled)
|
|
jammy |
Not vulnerable
(code-not-compiled)
|
|
kinetic |
Not vulnerable
(code-not-compiled)
|
|
lunar |
Not vulnerable
(code-not-compiled)
|
|
trusty |
Not vulnerable
(code-not-compiled)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
ayttm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
cableswig Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
cadaver Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
impish |
Not vulnerable
(code not present)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
cmake Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Not vulnerable
(code-not-compiled)
|
|
impish |
Not vulnerable
(code-not-compiled)
|
|
jammy |
Not vulnerable
(code-not-compiled)
|
|
kinetic |
Not vulnerable
(code-not-compiled)
|
|
lunar |
Not vulnerable
(code-not-compiled)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
coin3 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Not vulnerable
(uses system expat)
|
|
impish |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
trusty |
Needed
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
expat Launchpad, Ubuntu, Debian |
bionic |
Released
(2.2.5-3ubuntu0.4)
|
focal |
Released
(2.2.9-1ubuntu0.2)
|
|
impish |
Released
(2.4.1-2ubuntu0.1)
|
|
jammy |
Released
(2.4.3-2)
|
|
kinetic |
Released
(2.4.3-2)
|
|
lunar |
Released
(2.4.3-2)
|
|
trusty |
Released
(2.1.0-4ubuntu1.4+esm4)
|
|
upstream |
Needs triage
|
|
xenial |
Released
(2.1.0-7ubuntu0.16.04.5+esm2)
|
|
Patches: upstream: https://github.com/libexpat/libexpat/pull/550/commits/847a645152f5ebc10ac63b74b604d0c1a79fae40 upstream: https://github.com/libexpat/libexpat/pull/550/commits/acf956f14bf79a5e6383a969aaffec98bfbc2e44 (test) |
||
firefox Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needed)
|
focal |
Needed
|
|
impish |
Ignored
(reached end-of-life)
|
|
jammy |
Released
(1:1snap1-0ubuntu1)
|
|
kinetic |
Released
(1:1snap1-0ubuntu1)
|
|
lunar |
Released
(1:1snap1-0ubuntu1)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(end of standard support, was needed)
|
|
gdcm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(uses system expat)
|
focal |
Not vulnerable
(uses system expat)
|
|
impish |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
trusty |
Not vulnerable
(uses system expat)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(uses system expat)
|
|
ghostscript Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Not vulnerable
(code-not-compiled)
|
|
impish |
Not vulnerable
(code-not-compiled)
|
|
jammy |
Not vulnerable
(code-not-compiled)
|
|
kinetic |
Not vulnerable
(code-not-compiled)
|
|
lunar |
Not vulnerable
(code-not-compiled)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
insighttoolkit Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
insighttoolkit4 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Needed
|
|
impish |
Ignored
(reached end-of-life)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
libxmltok Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
hirsute |
Ignored
(reached end-of-life)
|
|
impish |
Not vulnerable
(code not present)
|
|
jammy |
Not vulnerable
(code not present)
|
|
kinetic |
Not vulnerable
(code not present)
|
|
lunar |
Not vulnerable
(code not present)
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
matanza Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
impish |
Not vulnerable
(code not present)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
smart Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
swish-e Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
impish |
Not vulnerable
(code not present)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
tdom Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Needed
|
|
impish |
Ignored
(reached end-of-life)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
texlive-bin Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code-not-compiled)
|
focal |
Not vulnerable
(code-not-compiled)
|
|
impish |
Not vulnerable
(code-not-compiled)
|
|
jammy |
Not vulnerable
(code-not-compiled)
|
|
kinetic |
Not vulnerable
(code-not-compiled)
|
|
lunar |
Not vulnerable
(code-not-compiled)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code-not-compiled)
|
|
thunderbird Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needed)
|
focal |
Needed
|
|
impish |
Ignored
(reached end-of-life)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(end of standard support, was needed)
|
|
vnc4 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Needed
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
vtk Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
wbxml2 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Needed
|
|
impish |
Ignored
(reached end-of-life)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Needed
|
|
xmlrpc-c Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
impish |
Not vulnerable
(code not present)
|
|
jammy |
Needs triage
|
|
kinetic |
Needs triage
|
|
lunar |
Needs triage
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 9.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |