CVE-2017-5029

Description

The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

How to fix CVE-2017-5029

To remediate CVE-2017-5029, upgrade the affected package to a fixed version below.

• —upgrade to 1.1.29-r1 or later
• —upgrade to 57.0.2987.98-1~deb8u1 or later
• —upgrade to 1.1.29-2.1 or later
• —upgrade to 1.1.26-14.1+deb7u3 or later
• —upgrade to 1.7.2 or later

Is CVE-2017-5029 being exploited?

Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.

Affected packages (5)

• from 0, < 1.1.29-r1
• from 0, < 57.0.2987.98-1~deb8u1
• from 0, < 1.1.29-2.1
• from 0, < 1.1.26-14.1+deb7u3
• from 0, < 1.7.2

CVSS scores

References (10)

• ADVISORYgithub.com/advisories/GHSA-pf6m-fxpq-fg8v
• ADVISORYnvd.nist.gov/vuln/detail/CVE-2017-5029
• ADVISORYsecurity.alpinelinux.org/vuln/CVE-2017-5029
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2017-5029
• PATCH