REDHAT-BUG-2403688: Low severity libxslt vulnerability
Type confusion vulnerability in the EXSLT <func:result> element handler of libxslt. The flaw is in exsltFuncResultComp(), which walks up the parent chain of a <func:result> element to verify that it is a descendant of a <func:function> element. If no such ancestor exists, the loop does not stop at the root element but continues onto the XML document node. That node is an xmlDoc, not an xmlNode, yet it is read as one: the bytes holding the document's integer fields compression and standalone sit at the offset where an element node keeps its ns pointer, so they are interpreted as a pointer and dereferenced. The read from that bogus address causes a segmentation fault or other crash. The impact is limited to denial of service, but the condition can be triggered remotely by any application that processes attacker-supplied XSL stylesheets.
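The mechanism above rests on a libxml2 layout detail: xmlNode and xmlDoc share a common prefix of fields, and the first field after that prefix is ns in xmlNode but compression (followed by standalone) in xmlDoc. The following added example is not libxslt's code and is not the fix; it reconstructs that shared prefix in simplified structs, builds a constructed in-memory tree containing both a valid <func:result> and an orphan one with no <func:function> ancestor, and contrasts a walk with the flawed shape (stops only at a NULL parent) against a hardened walk that refuses to read anything but element nodes as xmlNode. The flawed walk returns the confused bits instead of dereferencing them so the demo cannot crash; the sentinel values, the fixture and all function names are assumptions made here.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EXSLT_FUNCTIONS_NS "http://exslt.org/functions"
#define XSLT_NS            "http://www.w3.org/1999/XSL/Transform"

/* Simplified reconstruction (assumption for this demo) of the prefix shared by
 * libxml2's xmlNode and xmlDoc; the real structs have more members after these. */
typedef enum { XML_ELEMENT_NODE = 1, XML_DOCUMENT_NODE = 9 } node_type_t;
typedef struct ns { const char *href; const char *prefix; } ns_t;
struct doc;
typedef struct node {
    void *_private; node_type_t type; const char *name;
    struct node *children, *last, *parent, *next, *prev;
    struct doc *doc;
    ns_t *ns;                       /* element namespace: the field the bug reads */
} node_t;
typedef struct doc {
    void *_private; node_type_t type; const char *name;
    node_t *children, *last, *parent, *next, *prev;
    struct doc *doc;
    int compression;                /* these two ints overlap node_t.ns */
    int standalone;
} doc_t;
_Static_assert(offsetof(node_t, ns) == offsetof(doc_t, compression), "prefix layouts diverge");

static bool is_func_function(const node_t *n) {
    return n->ns != NULL && n->ns->href != NULL &&
           strcmp(n->ns->href, EXSLT_FUNCTIONS_NS) == 0 && strcmp(n->name, "function") == 0;
}

/* Copy the bytes at the offset of node_t.ns without dereferencing them. */
static uintptr_t bits_at_ns_offset(const void *n) {
    uintptr_t v = 0;
    memcpy(&v, (const char *)n + offsetof(node_t, ns), sizeof v);
    return v;
}

/* Shape of the flawed loop: it stops only at a NULL parent, so an orphan
 * func:result drives it onto the document node, where it reads ns out of an
 * xmlDoc. Returns the confused bits the real code would dereference. */
static uintptr_t flawed_walk(const node_t *start, bool *found) {
    *found = false;
    for (const node_t *cur = start->parent; cur != NULL; cur = cur->parent) {
        if (cur->type != XML_ELEMENT_NODE)
            return bits_at_ns_offset(cur);          /* type-confused read */
        if (is_func_function(cur)) { *found = true; return 0; }
    }
    return 0;
}

/* Hardened walk: only element nodes are read as xmlNode; the document node
 * (or any other non-element ancestor) ends the search with "not found". */
static bool has_func_function_ancestor(const node_t *start) {
    for (const node_t *cur = start->parent; cur != NULL && cur->type == XML_ELEMENT_NODE; cur = cur->parent)
        if (is_func_function(cur)) return true;
    return false;
}

/* Constructed tree (no parser involved) for a stylesheet of this shape:
 *   <xsl:stylesheet xmlns:func="http://exslt.org/functions" ...>
 *     <func:function name="f"><func:result select="1"/></func:function>   valid
 *     <func:result select="1"/>                                         orphan
 *   </xsl:stylesheet> */
typedef struct { doc_t doc; node_t stylesheet, function, result_ok, result_orphan; ns_t xsl, func; } fixture_t;

static void build_fixture(fixture_t *f) {
    memset(f, 0, sizeof *f);
    f->xsl.href = XSLT_NS;             f->xsl.prefix = "xsl";
    f->func.href = EXSLT_FUNCTIONS_NS; f->func.prefix = "func";
    f->doc.type = XML_DOCUMENT_NODE;
    f->doc.compression = 0x11223344;   /* constructed sentinels so the confused */
    f->doc.standalone  = 0x55667788;   /* pointer value is recognisable         */
    f->stylesheet.type = XML_ELEMENT_NODE; f->stylesheet.name = "stylesheet"; f->stylesheet.ns = &f->xsl;
    f->stylesheet.parent = (node_t *)&f->doc;   /* libxml2 links the root element's parent to the doc */
    f->function.type = XML_ELEMENT_NODE; f->function.name = "function"; f->function.ns = &f->func;
    f->function.parent = &f->stylesheet;
    f->result_ok.type = XML_ELEMENT_NODE; f->result_ok.name = "result"; f->result_ok.ns = &f->func;
    f->result_ok.parent = &f->function;
    f->result_orphan.type = XML_ELEMENT_NODE; f->result_orphan.name = "result"; f->result_orphan.ns = &f->func;
    f->result_orphan.parent = &f->stylesheet;
}

/* The document's two ints read as one pointer-sized word: what the flawed
 * loop treats as the ns pointer. */
static uintptr_t confused_pointer_from_doc(const doc_t *d) {
    uintptr_t v = 0;
    memcpy(&v, &d->compression, sizeof v);
    return v;
}

int main(void) {
    fixture_t f; bool found;
    build_fixture(&f);
    uintptr_t bits = flawed_walk(&f.result_orphan, &found);
    printf("orphan func:result: flawed loop would dereference ns=%#" PRIxPTR "\n", bits);
    printf("hardened check: valid=%d orphan=%d\n",
           has_func_function_ancestor(&f.result_ok), has_func_function_ancestor(&f.result_orphan));
    return 0;
}
```

On a 64-bit little-endian build the orphan case reports 0x5566778811223344, the two sentinel ints glued together; dereferencing that is the crash the advisory describes. The hardened walk simply reports that the orphan <func:result> has no <func:function> ancestor, which is the condition the compilation step should reject.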
Frequently Asked Questions
What is the severity of REDHAT-BUG-2403688?
The severity of REDHAT-BUG-2403688 is classified as Low. The type confusion only causes a read from an unexpected address, so the impact is limited to a crash (denial of service).
How do I fix REDHAT-BUG-2403688?
To fix REDHAT-BUG-2403688, update the libxslt package to the fixed version provided by your distribution and restart any service that has the library loaded. Until the update is applied, avoid processing XSL stylesheets from untrusted sources.
What poses the risk in REDHAT-BUG-2403688?
The risk in REDHAT-BUG-2403688 lies in the flaw in exsltFuncResultComp(): a crafted XSL stylesheet containing a <func:result> element with no enclosing <func:function> makes the ancestor walk reach the document node and read memory at a bogus address, crashing the process. This is a denial of service, not code execution, and it matters wherever attacker-supplied stylesheets are processed.
Which software is affected by REDHAT-BUG-2403688?
The software affected by REDHAT-BUG-2403688 is the libxslt library.
What is the nature of the vulnerability in REDHAT-BUG-2403688?
The nature of the vulnerability in REDHAT-BUG-2403688 is a type confusion issue in the handling of the <func:result> element.