CVE-2023-29469

Description

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

How to fix CVE-2023-29469

To remediate CVE-2023-29469, upgrade the affected package to a fixed version below.

—upgrade to 2.10.4-r0 or later
—upgrade to 2.9.10+dfsg-6.7+deb11u4 or later

Is CVE-2023-29469 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 2.10.4-r0
from 0, < 2.9.10+dfsg-6.7+deb11u4

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References (2)

ADVISORYsecurity.alpinelinux.org/vuln/CVE-2023-29469
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2023-29469