CVE-2022-40674
Published: 14 September 2022
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Notes
Author | Note |
---|---|
sbeattie | paraview uses system expat xotcl uses system expat poco uses system expat gdcm uses system expat audacity uses system expat simgear uses system expat coin3 uses system expat as of 4.0.0~CMake~6f54f1602475+ds1-1 sitecopy uses system expat since 1:0.16.0-1 (dapper!) |
ebarretto | Nothing in TeX Live statically links to libexpat and nothing directly links to it either. |
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
jammy |
Not vulnerable
(code not present)
|
kinetic |
Not vulnerable
(code not present)
|
|
bionic |
Released
(107.0+build2-0ubuntu0.18.04.1)
|
|
focal |
Released
(107.0+build2-0ubuntu0.20.04.1)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
lunar |
Not vulnerable
(code not present)
|
|
xenial |
Ignored
(end of standard support)
|
|
mantic |
Not vulnerable
(code not present)
|
|
cadaver Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
coin3 Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
xenial |
Needs triage
|
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
gdcm Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
bionic |
Needs triage
|
|
trusty |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
libxmltok Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(code not present)
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
matanza Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
xenial |
Needs triage
|
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
swish-e Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
xenial |
Needs triage
|
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
tdom Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
xenial |
Needs triage
|
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
thunderbird Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
jammy |
Ignored
(bundled deps handled by upstream in new versions)
|
|
focal |
Ignored
(bundled deps handled by upstream in new versions)
|
|
bionic |
Ignored
(end of standard support, was needs-triage)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(end of standard support)
|
|
lunar |
Ignored
(end of life, was ignored [bundled deps handled by upstream in new versions])
|
|
mantic |
Ignored
(bundled deps handled by upstream in new versions)
|
|
wbxml2 Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
xmlrpc-c Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
bionic |
Needs triage
|
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
mantic |
Needs triage
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
insighttoolkit4 Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
(uses system expat)
|
jammy |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
bionic |
Not vulnerable
(uses system expat)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
mantic |
Does not exist
|
|
cmake Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(uses system expat)
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
focal |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
xenial |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
mantic |
Not vulnerable
(uses system expat)
|
|
expat Launchpad, Ubuntu, Debian |
bionic |
Released
(2.2.5-3ubuntu0.8)
|
focal |
Released
(2.2.9-1ubuntu0.5)
|
|
jammy |
Released
(2.4.7-1ubuntu0.1)
|
|
trusty |
Released
(2.1.0-4ubuntu1.4+esm7)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
xenial |
Released
(2.1.0-7ubuntu0.16.04.5+esm6)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Needs triage
|
|
kinetic |
Released
(2.4.8-2)
|
|
lunar |
Released
(2.5.0-1)
|
|
mantic |
Released
(2.5.0-1)
|
|
Patches: upstream: https://github.com/libexpat/libexpat/commit/4a32da87e931ba54393d465bb77c40b5c33d343b |
||
apache2 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
bionic |
Not vulnerable
(uses system expat)
|
|
focal |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
trusty |
Not vulnerable
(uses system expat)
|
|
xenial |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
mantic |
Not vulnerable
(uses system expat)
|
|
apr-util Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
bionic |
Not vulnerable
(uses system expat)
|
|
focal |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
trusty |
Not vulnerable
(uses system expat)
|
|
xenial |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
mantic |
Not vulnerable
(uses system expat)
|
|
ayttm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
cableswig Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
smart Launchpad, Ubuntu, Debian |
xenial |
Needs triage
|
bionic |
Needs triage
|
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
ghostscript Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(uses system expat)
|
focal |
Not vulnerable
(uses system expat)
|
|
jammy |
Not vulnerable
(uses system expat)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Not vulnerable
(uses system expat)
|
|
kinetic |
Not vulnerable
(uses system expat)
|
|
lunar |
Not vulnerable
(uses system expat)
|
|
mantic |
Not vulnerable
(uses system expat)
|
|
insighttoolkit Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
texlive-bin Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
trusty |
Ignored
(end of standard support)
|
|
xenial |
Needs triage
|
|
kinetic |
Not vulnerable
|
|
lunar |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
upstream |
Not vulnerable
|
|
mantic |
Not vulnerable
|
|
vnc4 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
vtk Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.1 |
Attack vector | Network |
Attack complexity | High |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
- https://github.com/libexpat/libexpat/pull/629
- https://github.com/libexpat/libexpat/pull/640
- https://ubuntu.com/security/notices/USN-5638-1
- https://ubuntu.com/security/notices/USN-5726-1
- https://ubuntu.com/security/notices/USN-5638-2
- https://ubuntu.com/security/notices/USN-5638-4
- NVD
- Launchpad
- Debian