Wind River Support Network

HomeDefectsLIN1021-29
Fixed

LIN1021-29 : Security Advisory - libxml2 - CVE-2021-3537

Created: May 17, 2021    Updated: Aug 25, 2021
Resolved Date: Jul 17, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.3
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

Parsing specially crafted Mixed Content while parsing XML data may lead to invalid data structure being created, as errors were not propagated. This could lead to several NULL Pointer Dereference when post-validating documents parsed in recovery mode. 

https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61

CREATE(Triage):(User=admin) [CVE-2021-3537|https://nvd.nist.gov/vuln/detail/CVE-2021-3537]

CVEs


Live chat
Online