Explore top 10 tips to secure your open-source projects now. Read More
×
Expat could be made to crash if it received specially crafted input.
Software Description:
- expat: XML parsing C library
Details:
It was discovered that Expat used insufficient entropy when generating
hash salt values for its internal hash table. An attacker could use this
to craft an XML document that triggers hash flooding, leading to a
denial of service.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
libexpat1 2.1.0-7ubuntu0.16.04.5+esm12
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8520-1
CVE-2026-41080
Get the latest Linux and open source security news straight to your inbox.