Alerts This Week
Warning Icon 1 1,082
Alerts This Week
Warning Icon 1 1,082

Mageia 9: MGASA-2024-0362 critical: libexpat crash issue

mageia
Calendar Grey November 12, 2024
Dist Mageia Esm H88
MGASA-2024-0453 addresses vulnerability in port management toolkit; released on 15 Nov 2024 including patches and additional documentation.
An issue was discovered in libexpat before 2.6.4

Summary

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. (CVE-2024-50602)

References

- https://bugs.mageia.org/show_bug.cgi?id=33739

- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.358428

- https://www.cve.org/CVERecord?id=CVE-2024-50602

Topics%20covered

Topics Covered

security advisory software update crash issue Mageia libexpat

Resolution

SRPMS

- 9/core/expat-2.6.4-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 12 Nov 2024
URL: https://advisories.mageia.org/MGASA-2024-0362.html
Type: security
CVE: CVE-2024-50602

Topics%20covered

Topics Covered

security advisory software update crash issue Mageia libexpat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here