Stay Secure with the Latest Linux Advisories

security advisorycode executioninteger overflow

Red Hat: RHSA-2022-7811-01 Important: mingw-expat code execution risks

An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: mingw-expat security update Advisory ID: RHSA-2022:7811-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7811 Issue date: 2022-11-08 CVE Names: CVE-2022-23990 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 ==================================================================== 1. Summary: An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - noarch 3. Description: Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat (2.4.8). (BZ#2057023, BZ#2057037, BZ#2057127) Security Fix(es): * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235) * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236) * expat: Integer overflow in storeRawNames() (CVE-2022-25315) * expat: Stack exhaustion in doctype parsing (CVE-2022-25313) * expat: Integer overflow in copyString()(CVE-2022-25314) * expat: Integer overflow in the doProlog function (CVE-2022-23990) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2048356 - CVE-2022-23990 expat: integer overflow in the doProlog function 2056350 - CVE-2022-25313 expat: Stack exhaustion in doctype parsing 2056354 - CVE-2022-25314 expat: Integer overflow in copyString() 2056363 - CVE-2022-25315 expat: Integer overflow in storeRawNames() 2056366 - CVE-2022-25235 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution 2056370 - CVE-2022-25236 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution 6. Package List: Red Hat CodeReady Linux Builder (v. 8): Source: mingw-expat-2.4.8-1.el8.src.rpm noarch: mingw32-expat-2.4.8-1.el8.noarch.rpm mingw32-expat-debuginfo-2.4.8-1.el8.noarch.rpm mingw64-expat-2.4.8-1.el8.noarch.rpm mingw64-expat-debuginfo-2.4.8-1.el8.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2022-23990 https://access.redhat.com/security/cve/CVE-2022-25235 https://access.redhat.com/security/cve/CVE-2022-25236 https://access.redhat.com/security/cve/CVE-2022-25313 https://access.redhat.com/security/cve/CVE-2022-25314 https://access.redhat.com/security/cve/CVE-2022-25315 https://access.redhat.com/security/updates/classification#important https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2pSN9zjgjWX9erEAQiUug//S0FwujIXoFODWtJgEPijbfoA28JgVjcz lRdWl0wmXyMSlFkkBVIrOeGgxM4oLUpAwOdOPWIzb/M29xEfo4h3e8lHlwAwqklO lQcv663dY57lHRfbKgunlYWKTZ4+3kZbziZB/Zv58rw6bPDQ/wE96urY3/O0m1ct Dkk3j4zKiAnIFKWEvUHCwui7tOeUHXNAasCXifYoePimf9+lgta+pnYf86parIBg D3afd0S6meUnLqW6EtD0WTJPh6eztjDFEJ/9LKpXo2SL8FAYTrI9yfGQJNsHkGc4 9NaAd3QeBKoGqcg/qBdb9FfwQqHZJGot4BtTui8/E5xnUg3F+/1PuMGxtQ4jI6X9 ey6sWsUKCXMdlhv3TxAs/LFTR1cnkT7heEag/f58eo/W8VBow09k7cs3iktrNd+M 4REv3cfyJ+kFAfA6N6plHb27lFP0aTMveH7FYiWpFGqPH15u3NFcPdsk8qijv4WZ sREJ6LgDknk80Rmla2td+l3Vo4iTCWEL7gvoY9uhzWCbuMvj1SSk5rOqVXtOEvuF 8MpPM+xShIgGbYrFPxeMjYF16p+FxYVDcapSGrIORksAKOunAWDOHmZf+jR7iCMX ts3y9wxwNBObMK+Jr+ApYRohz9obamvxjlwBwXSWJ6xlsFyu5Y3e6IzSm/EJpK1i f25ydDFruA4=jL/2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat announces critical security patch for mingw-expat, tackling possible code execution vulnerabilities and integer overflow issues.. mingw-expat update, Red Hat security, code execution risk, integer overflow issues. . Severity: Important. LinuxSecurity.com Team

Nov 08, 2022 •Important Red Hat